Administration GuideManage User Accounts and PasswordsCreate a Password PolicyHow to Set Account Suspension Rules › Set Some Accounts to Never be Suspended

Previous Topic: Set the Time after Which Users Can Attempt to Log In Again

Next Topic: Example: Simple Password Policy
Set Some Accounts to Never be Suspended

Accounts can be made to never be suspended, regardless of the number of incorrect login attempts.

You can use this to protect critical accounts that need to be immune to password lockout attacks.

To set a user's password to never be suspended

  1. Use the following command to set the password-allow-ignore-suspended option to true: 
    set password-allow-ignore-suspended = true;
  2. Add the attribute dxPwdIgnoreSuspended to the user's entry.
  3. Set the value of this attribute to true.

Note: To check which user passwords are set to never expire, search for all user accounts with the attribute dxPwdIgnoreSuspended = true.

More information:

set password-allow-ignore-suspended Command

Set Some Accounts to Never Expire