A locked account means that the password may no longer be used to authenticate.
PwdAccountLockedTime is used to indicate the account is Administratively Disabled.
A 000001010000Z value means that the account has been locked permanently, and that only a password administrator can unlock the account.
Attribute Definition#The PwdAccountLockedTime AttributeTypes is defined as:
- OID of 220.127.116.11.18.104.22.168.22.214.171.124
- NAME: PwdAccountLockedTime
- DESC: 'The time an user account was locked'
- EQUALITY: GeneralizedTimeMatch
- ORDERING: GeneralizedTimeOrderingMatch
- SYNTAX: 126.96.36.199.4.1.14188.8.131.52.24
- USAGE DirectoryOperation
PwdAccountLockedTime is cleared upon a successful login following an Intruder Detection.
More Information #There might be more information for this subject on one of the following:
- Administratively Disabled
- Locked Account Check
- Locked By Intruder
- Password Policy State Information
- SCIM Password Management Extension