Password Policy Import Plugin

Note: this component has a complexity level of "expert", which means that objects of this type are not expected to be created or altered. Please contact support for assistance if you believe that you have a need to create or modify this type of object.

The Password Policy Import Plugin ensures that clear-text passwords contained in LDIF entries are properly encoded before they are stored in the appropriate Directory Server backend.

Parent Component Relations from This Component Properties dsconfig Usage

Parent Component

The Password Policy Import Plugin component inherits from the Plugin

Relations from This Component

The following components have a direct aggregation relation from Password Policy Import Plugins:

Properties

The properties supported by this managed object are as follows:


Basic Properties: Advanced Properties:
 description  invoke-for-internal-operations
 enabled
 default-user-password-storage-scheme
 default-auth-password-storage-scheme

Basic Properties

description

Description
A description for this Plugin
Default Value
None
Allowed Values
A string
Multi-Valued
No
Required
No
Admin Action Required
None. Modification requires no further action

enabled

Description
Indicates whether the plug-in is enabled for use.
Default Value
None
Allowed Values
true
false
Multi-Valued
No
Required
Yes
Admin Action Required
None. Modification requires no further action

default-user-password-storage-scheme

Description
Specifies the names of the password storage schemes to be used for encoding passwords contained in attributes with the user password syntax for entries that do not include the ds-pwp-password-policy-dn attribute specifying which password policy is to be used to govern them.
Default Value
If the default password policy uses the attribute with the user password syntax, then the server uses the default password storage schemes for that password policy. Otherwise, it encodes user password values using the "SSHA256" scheme.
Allowed Values
The DN of any Password Storage Scheme. The referenced password storage schemes must be enabled when the Password Policy Import Plugin is enabled.
Multi-Valued
Yes
Required
No
Admin Action Required
None. Modification requires no further action

default-auth-password-storage-scheme

Description
Specifies the names of password storage schemes that to be used for encoding passwords contained in attributes with the auth password syntax for entries that do not include the ds-pwp-password-policy-dn attribute specifying which password policy should be used to govern them.
Default Value
If the default password policy uses an attribute with the auth password syntax, then the server uses the default password storage schemes for that password policy. Otherwise, it encodes auth password values using the "SHA256" scheme.
Allowed Values
The DN of any Password Storage Scheme. The referenced password storage schemes must be enabled when the Password Policy Import plug-in is enabled.
Multi-Valued
Yes
Required
No
Admin Action Required
None. Modification requires no further action


Advanced Properties

invoke-for-internal-operations (Advanced Property)

Description
Indicates whether the plug-in should be invoked for internal operations. Any plug-in that can be invoked for internal operations must ensure that it does not create any new internal operations that can cause the same plug-in to be re-invoked.
Default Value
false
Allowed Values
true
false
Multi-Valued
No
Required
No
Admin Action Required
None. Modification requires no further action


dsconfig Usage

To list the configured Plugins:

dsconfig list-plugins
     [--property {propertyName}] ...

To view the configuration for an existing Plugin:

dsconfig get-plugin-prop
     --plugin-name {name}
     [--tab-delimited]
     [--script-friendly]
     [--property {propertyName}] ...

To update the configuration for an existing Plugin:

dsconfig set-plugin-prop
     --plugin-name {name}
     (--set|--add|--remove) {propertyName}:{propertyValue}
     [(--set|--add|--remove) {propertyName}:{propertyValue}] ...