Find suspended accounts for a specific duration.
My thoughts,
Step-1 : Retrieve all accounts which have dxPwdLocked=True >> List-1 (we have example here)
Step-2 : Retrieve dxPwdFailedTime for all accounts from List-1 >> List-2
Step-3 : Sort List-2 any way we like.
Find failed login attempts even if account is not suspended e.g. Unsuccessful retries are 2 but account is not suspended.
My thoughts, something like this may work
Step-1 : % dxsearch -x -h {HOST} -p {PORT} -b “ou=users,c=au” (dxPwdFailedAttempts!=0)
Activate account from bespoke Java application using LDAP queries. Do not want directory to activate account after certain duration without any verification.
My thoughts, something like this may work.
Update the following attributes to "0" or "null". dxPwdFailedAttempts, dxPwdFailedTime, dxPwdLocked, dxPwdMustChange.
Do take care of this section though.