Chapter 7. Managing User Accounts and Passwords

7.1.1. Configuring the Password Policy
7.1.2. Setting User Passwords
7.1.3. Password Change Extended Operation
7.1.4. Configuring the Account Lockout Policy
7.1.5. Managing the Password Policy in a Replicated Environment
7.1.6. Synchronizing Passwords

7.2.1. Inactivating User and Roles Using the Console
7.2.2. Inactivating User and Roles Using the Command-Line
7.2.3. Activating User and Roles Using the Console
7.2.4. Activating User and Roles Using the Command-Line

7.3. Setting Resource Limits Based on the Bind DN

7.3.1. Setting Resource Limits Using the Console
7.3.2. Setting Resource Limits Using the Command-Line

When a user connects to the Red Hat Directory Server, first the user is authenticated. Then, the directory grants access rights and resource limits to the user depending upon the identity established during authentication.

This chapter describes tasks for managing users, including configuring the password and account lockout policy for the directory, denying groups of users access to the directory, and limiting system resources available to users depending upon their bind DNs.

^[6] The LDAP tools referenced in this guide are Mozilla LDAP, installed with Directory Server in the /usr/lib/mozldap directory on Red Hat Enterprise Linux 5 i386; directories for other platforms are listed in Section 1.2, “LDAP Tool Locations”. However, Red Hat Enterprise Linux systems also include LDAP tools from OpenLDAP. It is possible to use the OpenLDAP commands as shown in the examples, but you must use the -x argument to disable SASL and allow simple authentication.

^[7] The commands to stop and start the Directory Server on platforms other than Red Hat Enterprise Linux is described in Section 1.3, “Starting and Stopping Servers”.