Page created: 26 Jul 2021
|
Page updated: 14 Jan 2022
| 1 min read
9.0 Product PingDirectory Directory Capability Product documentation Content Type Administration User task Configuration IT Administrator Administrator Audience Software Deployment Method
-
To edit the existing default configuration, run the dsconfig
tool.
This example changes the requirement for special characters by making them optional in a password and adds a requirement to include at least two digits in the password. In this example, all newly created passwords must have at least one lowercase letter, one uppercase letter, two digits, and optionally any special characters listed.
$ bin/dsconfig set-password-validator-prop \ --validator-name "Character Set" \ --remove character-set:1:0123456789 \ --remove "character-set:1:~\!@#\$\%^&*()-_=+[]{}\|;:,.<>/?" \ --add character-set:2:0123456789 \ --add "character-set:0:~\!@#\$\%^&*()-_=+[]{}\|;:,.<>/?" \ --set allow-unclassified-characters:false -
Update an existing password policy to use the Character Set Password
Validator.
$ bin/dsconfig set-password-policy-prop \ --policy-name "Default Password Policy" \ --set "password-validator:Character Set" -
Test the Character Set Password Validator by submitting a password that meets the
requirements (one lowercase letter, one uppercase letter, two digits).
This example should reject the given password because it does not pass the Character Set Password Validator.
$ bin/ldappasswordmodify \ --authzID "uid=user.0,ou=People,dc=example,dc=com" --newPassword abab1