When a user connects to the Red Hat Directory Server, first the user is authenticated. Then, the directory grants access rights and resource limits to the user depending upon the identity established during authentication.
This chapter describes tasks for managing users, including configuring the password and account lockout policy for the directory, denying groups of users access to the directory, and limiting system resources available to users depending upon their bind DNs.
19.1. Setting User Passwords
An entry can be used to bind to the directory only if it has a
userPassword attribute and if it has not been inactivated. Because user passwords are stored in the directory, the user passwords can be set or reset with any LDAP operation, like
Passwords can also be set and reset in the Users and Groups area of the Red Hat Administration Server or Directory Server Console. For information on how to use the Users and Groups area in the Administration Server Console, see the online help that is available in the Red Hat Administration Server.
When using a password administrator account or the
Directory Manager (root DN) to set a password, password policies are bypassed and not verified. Do not use these accounts for regular user password management. Use them only to perform password administration tasks that require bypassing the password policies.