A locked account means that the password may no longer be used to authenticate.
PwdAccountLockedTime is used to indicate the account is Administratively Disabled.
A 000001010000Z value means that the account has been locked permanently, and that only a password administrator can unlock the account.
Attribute Definition#The PwdAccountLockedTime AttributeTypes is defined as:
- OID of 126.96.36.199.188.8.131.52.184.108.40.206
- NAME: PwdAccountLockedTime
- DESC: 'The time an user account was locked'
- EQUALITY: GeneralizedTimeMatch
- ORDERING: GeneralizedTimeOrderingMatch
- SYNTAX: 220.127.116.11.4.1.1418.104.22.168.24
- USAGE DirectoryOperation
PwdAccountLockedTime is cleared upon a successful login following an Intruder Detection.
More Information #There might be more information for this subject on one of the following:
- Administratively Disabled
- Locked Account Check
- Locked By Intruder
- Password Policy State Information
- SCIM Password Management Extension