Setting Windchill Directory Server Password Policies
Your site password policy is defined in and enforced by your LDAP directory service. Windchill does not place any restrictions on passwords.
By default, the Windchill Directory Server defines no password policy; however, the directory server supports password policies. For example, you can set the following:
• A list of excluded passwords that are defined in a dictionary that is maintained in <WindchillDS>/server/config/wordlist.txt.
• Password expiration.
• Password history rules.
• Password syntax, including any of the following:
◦ Whether characters can be repeated
◦ How many unique characters there must be
◦ How long the password must be
◦ Whether the password must contain capital letters, integers, or special characters
◦ Whether the password can be the same as another user attribute, such as the user's name
Use the dsconfig command utility in either command-line or interactive mode to set password policies. This utility allows you to set multiple password policies and then associate specific policies with groups of users. To set up a password policy, you must decide on the policy properties and validators that you want enabled. The following sections provide descriptions of the password policy properties and other password policy details.