Page created: 4 Feb 2020
|
Page updated: 22 Jul 2020
To indicate that a user should be subject to a particular password policy
(rather than automatically inheriting the default policy), include the
ds-pwp-password-policy-dn
operational attribute in that user’s
entry with a value equal to the DN of the desired password policy for that user.
This attribute can be explicitly included in a user’s entry, or it can be generated
by a virtual attribute, which makes it easy to apply a custom password policy to a
set of users based on a flexible set of criteria.