This discussion is archived
0 Replies Latest reply: Jan 11, 2013 7:53 AM by 968382 RSS

OpenSSO and physical lock account

968382 Newbie
Currently Being Moderated
I'm using Oracle OpenSSO 8.0 Update 2 Build 6.1 and Oracle Directory Service Version 11.1.1.3.0. I configured my Authentication like that:

Login Failure Lockout Mode: Enabled
Login Failure Lockout Count: 5
Login Failure Lockout Interval: 60

Warn User After N Failures: 4
Login Failure Lockout Duration: 0
In minutes.
Lockout Duration Multiplier: 1

Lockout Attribute Name: inetuserstatus
Lockout Attribute Value: inactive

After 4 invalid password i'm receiving the notification Warning: Account lockout will occur after next 1 password failure(s). And after the 5 invalid password I'm receiving This user is not active. After that I checked the inetuserstatus and is not set to inactive. Instead of that the user have a new attibutes accountunlocktime: 19700101000000Z, pwdaccountlockedtime: 000001010000Z and 5 pwdfailuretime.

This configuration works perfectly on my other environment but with Sun Java System Access Manager/Sun Directory Server 5.2.

What is the problem with this configuration in OpenSSO ?

Edited by: 965379 on Jan 11, 2013 7:33 AM

Legend

  • Correct Answers - 10 points
  • Helpful Answers - 5 points