Logo Background

LDAP Attribute Password

  • By on November 24, 2009 | No Comments

    In my previous topic, we found an issue with the OID to Oracle E-Business user provisioning profile issue which was caused by the password expired for the Apps Instance OID Account. The problem was fixed at last by updating the “userpassword” attribute field which was expired after 90 days following the password policy rules.

    Disable LDAP Password Expiration

    By default, the password policy setting was set in the pwdmaxage attribute under cn=PwdPolicyEntry,cn=Common,cn=Products,cn=OracleContext,dc=your_realm.

    You change the pwdmaxage attribute in each password policy to an appropriate value:

    • 5184000 = 60 days (default)
    • 7776000 = 90 days
    • 10368000 = 120 days
    • 15552000 = 180 days
    • 31536000 = 1 year
    • 999999999 = never expire

    If you set it to 999999999 value then all the LDAP account will not be expire forever.

    If you modify pwdmaxage to whatever value in “cn=PwdPolicyEntry,cn=Common,cn=Products,cn=OracleContext,dc=your_realm”, then all users within your realm will be affected by the new value of pwdmaxage.

    Previous
    Next
    » How To Check Top Memory Usage In Unix
Leave a Comment