Overview#
PwdChangedTime attribute specifies the last time the entry's password was changed. (Draft-behera-ldap-password-policy)Typically PwdChangedTime is used by the password expiration policy.
If there is no PwdChangedTime Attribute Value does not exist, the password will never expire. (Some LDAP Server Implementations this may only be True after first Password Modify Operation)
Attribute Definition#
The PwdChangedTime AttributeTypes is defined as:- OID of 1.3.6.1.4.1.42.2.27.8.1.16
- NAME: PwdChangedTime
- DESC: 'The time the password was last changed'
- EQUALITY: generalizedTimeMatch
- ORDERING: generalizedTimeOrderingMatch
- SYNTAX: generalizedTime
- SINGLE-VALUE
- NO-USER-MODIFICATION
- USAGE DirectoryOperation
Known LDAP Server Implementations of PwdChangedTime#
Several LDAP Server Implementations use the PwdChangedTime AttributeType but MAY or may not follow the usage of "precise" Draft-behera-ldap-password-policyMore Information#
There might be more information for this subject on one of the following:- 1.3.6.1.4.1.42.2.27.8.1.16
- 2.16.840.1.113719.1.1.6.1.33
- Draft-behera-ldap-password-policy
- EDirectory Password Expiration
- Edirectory Administrative Password Changes
- NdsLoginProperties
- NovellS Challenge Response System
- NspmPasswordAux
- Password Policy State Attribute
- Password Policy State Information
- PasswordExpirationTime
- Pwd-Last-Set attribute
- PwdLastSet
