Previous Topic: Enforce Password Rules When Reactivating an Account

Next Topic: Unlock a User Account

Lock a User Account

You can lock users' accounts manually by locking their password. You can later unlock the account, and the user can continue to use that password.

Note: If a user uses an LDAP client that is aware of LDAP password policy controls (for example, LDUA or a PAM-LDAP client), then the account-locked password policy control is returned in a bind refuse of a locked account.

To lock a user's account

  1. Enable password locking using the following command:
    set password-allow-locking = true;
    
  2. Lock a user's account by adding the attribute dxPwdLocked with the value true to the user's entry.

More information:

set password-allow-locking Command

Password Commands Requiring an LDAP Client


Copyright © 2009 CA. All rights reserved. Email CA about this topic