To prevent users from including their own names in the password, use the following command:
set password-username-substring = true | false;
The password cannot be a substring of the user's name and the user's name cannot be a substring of the password.
The user's name is taken to be the last RDN in their DN.
Example: Prevent Usernames in Passwords
You have set up the following password policy in the Democorp DSA:
set password-policy = true; set password-username-substring = true;
The user with the DN <c AU><o DEMOCORP><ou Corporate><ou Administration><cn "Craig LINK"> has the name Craig LINK.
This user cannot create the following passwords:
Copyright © 2011 CA. All rights reserved. | Email CA Technologies about this topic |