A locked account means that the password may no longer be used to authenticate.
PwdAccountLockedTime is used to indicate the account is Administratively Disabled.
A 000001010000Z value means that the account has been locked permanently, and that only a password administrator can unlock the account.
Attribute Definition#The PwdAccountLockedTime AttributeTypes is defined as:
- OID of 18.104.22.168.22.214.171.124.126.96.36.199
- NAME: PwdAccountLockedTime
- DESC: 'The time an user account was locked'
- EQUALITY: GeneralizedTimeMatch
- ORDERING: GeneralizedTimeOrderingMatch
- SYNTAX: 188.8.131.52.4.1.14184.108.40.206.24
- USAGE DirectoryOperation
PwdAccountLockedTime is cleared upon a successful login following an Intruder Detection.
More Information #There might be more information for this subject on one of the following:
- Administratively Disabled
- Locked Account Check
- Locked By Intruder
- Password Policy State Information
- SCIM Password Management Extension