Setting User Password Lockout Preferences

The Lockout option allows you to lock a user account after repeated failed login attempts. Using this option, you can set the number of failed password entries that triggers the lock and the duration for which the account remains locked.

To set up the password lockout preferences, perform the following:

  1. Navigate to the /usr/local/ffm/scripts/ldap folder and copy the lockout-policy.ldif file to the /home/administrator folder. It is recommended that you retain the same name.

  2. Using an editor such as vi, make the following changes to the file:

    1. In the following line, replace “5” with the maximum number of login attempts a user can make when every attempt uses an incorrect password.

      pwdMaxFailure: 5

    2. In the following line, replace “1800” with the lockout duration in seconds. This is how long the user account stays locked after the user exceeds the permitted number of failed login attempts:

      pwdLockoutDuration: 1800
  3. Log in to the Fabric Management Platform (FMP) and open a new terminal session. If you are connecting remotely, use a tool such as PuTTY or the remote desktop function of the FMP. Then execute the following command:

    ldapmodify -D "cn=root,dc=unisys,dc=com" -W -f /home/administrator/lockout-policy.ldif
  4. Type the password. The default password is ‘LDAPAdmin@1’.
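
Steps 1 and 2 can be scripted so that the values are checked before the file is applied. The following is an added example, not part of the product's own scripts: the function names are assumptions, and it only prepares the edited copy, leaving the ldapmodify command in step 3 to be run as shown.

```shell
#!/bin/sh
# Added example, not from the product documentation: steps 1-2 as a function.
# The function names are assumptions made for this sketch.

# is_uint VALUE: succeed only for a non-empty string of digits.
is_uint() {
    case "$1" in
        ''|*[!0-9]*) return 1 ;;
        *) return 0 ;;
    esac
}

# set_lockout_policy SRC DST MAX_FAILURES LOCKOUT_SECONDS
# Copies SRC to DST, rewriting pwdMaxFailure and pwdLockoutDuration.
# SRC is never modified. Returns 1 on bad input and 2 if either
# attribute line is missing from SRC (nothing is written in both cases).
set_lockout_policy() {
    src=$1; dst=$2; max=$3; secs=$4
    is_uint "$max" && is_uint "$secs" || { echo "values must be whole numbers" >&2; return 1; }
    # 0 is rejected: in the LDAP password-policy schema a pwdMaxFailure
    # of 0 means failed attempts are not counted at all.
    [ "$max" -gt 0 ] || { echo "pwdMaxFailure must be at least 1" >&2; return 1; }
    [ "$src" != "$dst" ] || { echo "DST must differ from SRC" >&2; return 1; }
    [ -r "$src" ] || { echo "cannot read $src" >&2; return 1; }
    for attr in pwdMaxFailure pwdLockoutDuration; do
        grep -q "^${attr}:" "$src" || { echo "$attr not found in $src" >&2; return 2; }
    done
    sed -e "s/^pwdMaxFailure:.*/pwdMaxFailure: ${max}/" \
        -e "s/^pwdLockoutDuration:.*/pwdLockoutDuration: ${secs}/" \
        "$src" > "$dst"
}

# get_attr FILE ATTR: print the value of ATTR as it appears in FILE,
# for confirming the edit before running ldapmodify.
get_attr() {
    sed -n "s/^$2:[[:space:]]*//p" "$1"
}

# Usage with the paths from steps 1 and 3 (3 attempts, 900-second lock):
#   set_lockout_policy /usr/local/ffm/scripts/ldap/lockout-policy.ldif \
#       /home/administrator/lockout-policy.ldif 3 900
#   get_attr /home/administrator/lockout-policy.ldif pwdMaxFailure
```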