0 Replies Latest reply: Jan 11, 2013 9:53 AM by 968382 RSS

    OpenSSO and physical lock account

    968382
      I'm using Oracle OpenSSO 8.0 Update 2 Build 6.1 and Oracle Directory Service Version 11.1.1.3.0. I configured my Authentication like that:

      Login Failure Lockout Mode: Enabled
      Login Failure Lockout Count: 5
      Login Failure Lockout Interval: 60

      Warn User After N Failures: 4
      Login Failure Lockout Duration: 0
      In minutes.
      Lockout Duration Multiplier: 1

      Lockout Attribute Name: inetuserstatus
      Lockout Attribute Value: inactive

      After 4 invalid password i'm receiving the notification Warning: Account lockout will occur after next 1 password failure(s). And after the 5 invalid password I'm receiving This user is not active. After that I checked the inetuserstatus and is not set to inactive. Instead of that the user have a new attibutes accountunlocktime: 19700101000000Z, pwdaccountlockedtime: 000001010000Z and 5 pwdfailuretime.

      This configuration works perfectly on my other environment but with Sun Java System Access Manager/Sun Directory Server 5.2.

      What is the problem with this configuration in OpenSSO ?

      Edited by: 965379 on Jan 11, 2013 7:33 AM