In CA Directory customers can define comprehensive password policies, as described in:
https://techdocs.broadcom.com/content/broadcom/techdocs/us/en/ca-enterprise-software/layer7-identity-and-access-management/directory/14-1/administrating/manage-user-accounts-and-passwords/how-to-set-up-a-password-policy.html
As of 14.1/sp4, enhancements have been added to the product as in:
Create Multiple Password Policies for Each DSA
to address customers' need to have different password policies applied to different organizational units within a given DSA.
This feature can only be achieved by splitting a DSA into multiple DSAs with 14.1/sp3 or older release.
Release : 12.x, 14.x
Component : CA Directory
For release specific features, please see the release comparison at the following link:
as of 14.1/sp4, when there are multiple password policies configured within a DSA, the first thing to keep mind is that the following order of preference is observed:
In terms of how a password policy can be created, please see the following link:
To find out the particular settings of the defined password policies and how to are applied the subtrees, you can telnet to the console port and list them using
get user;
Please also note that as of 14.1/sp5, the password storage type is global, it can not be set at password policy level. You can find the current type from the console port using the following command:
get oper;