6.54. passwordObject (Object Class)

This object class is used for entries which store password information for a user in the directory.
This object class is defined in Directory Server.
Superior Class

top

OID

2.16.840.1.113730.3.2.12

Required Attributes

objectClass Defines the object classes for the entry.

Allowed Attributes

accountUnlockTime Refers to the amount of time that must pass after an account lockout before the user can bind to the directory again.
passwordAllowChangeTime Specifies the length of time that must pass before users are allowed to change their passwords.
passwordExpirationTime Specifies the length of time that passes before the user’s password expires.
passwordExpWarned Indicates that a password expiration warning has been sent to the user.
passwordGraceUserTime Specifies the number of login attempts that are allowed to a user after the password has expired.
passwordHistory (Password History) Contains the history of the user’s previous passwords.
passwordRetryCount Counts the number of consecutive failed attempts at entering the correct password.
pwdpolicysubentry Points to the entry DN of the new password policy.
retryCountResetTime Specifies the length of time that passes before the passwordRetryCount attribute is reset.