| OID | 1.3.6.1.4.1.36733.2.1.2.110 | 
| Names | ds-pwp-password-policy | 
| Superior classes | top | 
| Class type | AUXILIARY: for use in augmenting attributes of entries that already have a structural object class. | 
| Required attributes | ds-pwp-default-password-storage-scheme, ds-pwp-password-attribute, objectClass | 
| Optional attributes | cn, ds-pwp-account-status-notification-handler, ds-pwp-allow-expired-password-changes, ds-pwp-allow-multiple-password-values, ds-pwp-allow-pre-encoded-passwords, ds-pwp-allow-user-password-changes, ds-pwp-deprecated-password-storage-scheme, ds-pwp-expire-passwords-without-warning, ds-pwp-force-change-on-add, ds-pwp-force-change-on-reset, ds-pwp-grace-login-count, ds-pwp-idle-lockout-interval, ds-pwp-last-login-time-attribute, ds-pwp-last-login-time-format, ds-pwp-lockout-duration, ds-pwp-lockout-failure-count, ds-pwp-lockout-failure-expiration-interval, ds-pwp-max-password-age, ds-pwp-max-password-reset-age, ds-pwp-min-password-age, ds-pwp-password-change-requires-current-password, ds-pwp-password-expiration-warning-interval, ds-pwp-password-history-count, ds-pwp-password-history-duration, ds-pwp-previous-last-login-time-format, ds-pwp-require-change-by-time, ds-pwp-require-secure-authentication, ds-pwp-require-secure-password-changes, ds-pwp-skip-validation-for-administrators, ds-pwp-state-update-failure-policy | 
| Origin | ForgeRock Directory Server | 
| Schema file | 03-pwpolicyextension.ldif |