How To Query Expired Passwords In Sun One Ldap Directory Server 6.3.1 (Doc ID 1397533.1)

Last updated on SEPTEMBER 16, 2016

Applies to:

Oracle Directory Server Enterprise Edition - Version 6.3 to 11.1.1.5.0 [Release 6.0 to 11gR1]
Information in this document applies to any platform.
***Checked for relevance on 06-Jun-2014***

Goal

As there is no attribute to declare the password has been expired it is necessary to search in the entries and compare the date of the last time password has been changed and the current date incorporated with the Password Max Age (pwdMaxAge) declared in password policy.

To formulate the correct ldapsearch see below fix section.

reminder:  extract of Document 1390458.1

cn=config Semantic User Visibility Data Type Initial value
pwdMinAge Holds the number of seconds that must elapse between modifications of the password. yes integer
0
pwdMaxAge Holds the number of seconds after which a modified password will expire. If not present or 0, the password doesn't expire. If not 0, must be >=pwdMinAge yes integer
8640000

 

Solution

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms