!!! Overview
The set password-max-suspension [DXServer Command] sets the time after which a suspended password reactivates.

This setting only applies to accounts that were suspended because the user tried to log in too many times with the wrong credentials, as set with the set password-retries command.

[CA Directory] uses the [Operational Attribute] [{$pagename}] to record the time since the account was suspended due to failed login attempts.

This command has the following format:
{{{
set password-max-suspension = number-seconds | 0 ;
}}}
* number-seconds - Specifies the time (in [seconds]) for which a suspended password remains suspended. After the time has passed, the account in active.
* 0 - (Default) Disables this feature.

[{$pagename}] with [DxPwdFailedAttempts] work to implement [Intruder Detection] within [CA Directory].

[{$pagename}] is one of the [CAD Password Commands and Operational Attributes|DXServer Password Commands and Operational Attributes]

!! Our Notes
Appears to be an attempt to follow the [Draft-behera-ldap-password-policy] attribute for [pwdFailureTime]; however, the attribute is [SINGLE-VALUE] and appears to be cleared on first successful bind.

!! Attribute Definition
The [{$pagename}] [AttributeTypes] is defined as:
* [OID] of [1.3.6.1.4.1.3327.6.12] 
* NAME: [{$pagename}]
* DESC: 
* [EQUALITY]: []
* [ORDERING]: []
* SYNTAX: [Generalized Time]
* [SINGLE-VALUE]
* [NO-USER-MODIFICATION]
* USAGE [UserApplications] 


!! More Information
There might be more information for this subject on one of the following:
[{ReferringPagesPlugin before='*' after='\n' }]