My Oracle Support Banner

ODSEE 6x/11g - How to Query Expired Passwords in Sun One Directory Server (Doc ID 1397533.1)

Last updated on OCTOBER 01, 2023

Applies to:

Oracle Directory Server Enterprise Edition - Version 6.3 to [Release 6.0 to 11gR1]
Information in this document applies to any platform.


As there is no attribute to declare the password has been expired it is necessary to search in the entries and compare the date of the last time password has been changed and the current date incorporated with the Password Max Age (pwdMaxAge) declared in password policy.

To formulate the correct ldapsearch see below fix section.

reminder:  extract of Document 1390458.1

cn=config Semantic User Visibility Data Type Initial value
pwdMinAge Holds the number of seconds that must elapse between modifications of the password. yes integer
pwdMaxAge Holds the number of seconds after which a modified password will expire. If not present or 0, the password doesn't expire. If not 0, must be >=pwdMinAge yes integer



To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!

In this Document

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.