How To Query Expired Passwords In Sun One Ldap Directory Server 6.3.1

(Doc ID 1397533.1)

Last updated on MAY 17, 2018

Applies to:

Oracle Directory Server Enterprise Edition - Version 6.3 to [Release 6.0 to 11gR1]
Information in this document applies to any platform.
***Checked for relevance on 06-Jun-2014***


As there is no attribute to declare the password has been expired it is necessary to search in the entries and compare the date of the last time password has been changed and the current date incorporated with the Password Max Age (pwdMaxAge) declared in password policy.

To formulate the correct ldapsearch see below fix section.

reminder:  extract of Document 1390458.1

cn=config Semantic User Visibility Data Type Initial value
pwdMinAge Holds the number of seconds that must elapse between modifications of the password. yes integer
pwdMaxAge Holds the number of seconds after which a modified password will expire. If not present or 0, the password doesn't expire. If not 0, must be >=pwdMinAge yes integer



Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms