Dictionary for a password policy

You can create a dictionary for a password policy rule that rejects certain terms as passwords.

To use a dictionary for a password policy rule, you must first create and load a dictionary.ldif file to the Identity Manager Server. To create a dictionary for a password policy rule:

  1. Using an ASCII or other plain text editor, create a dictionary that contains the list of terms in an LDAP Data Interchange Format (LDIF) file.

    For example, create a file similar to this dictionary.ldif file, which specifies the domain as dc=com:

    dn: erword=test,erdictionaryname=password, ou=itim, dc=com
    erWord: test
    objectclass: top
    objectclass: erDictionaryItem
    
    dn: erword=secret,erdictionaryname=password, ou=itim, dc=com
    erWord: secret
    objectclass: top
    objectclass: erDictionaryItem
    
    dn: erword=password,erdictionaryname=password, ou=itim, dc=com
    erWord: password
    objectclass: top
    objectclass: erDictionaryItem
    
  2. Use an LDAP browser to import the dictionary.ldif file onto the Identity Manager Server.
  3. Load the dictionary.ldif file onto the IBM® Security Directory Server with one of these procedures:
    • Use an LDAP browser to import the dictionary.ldif file.
    • At the command prompt of the LDAP server, enter this command on one line:
      ITDS_HOME/bin/ldapadd.exe -h hostname -D cn=adminuser -w adminpwd -V 3 -f dictionary.ldif
      -h hostname
        Specifies the host name of the computer on which the LDAP server is running.
      -D cn=adminuser
        Specifies the administrator's distinguished name to bind to the LDAP directory.
      -w adminpwd
        Specifies the password for the administrator's distinguished name, for simple authentication.
      -V ldap_version
        Specifies the version of the LDAP protocol to use. The default value is 3, for the LDAP v3 protocol. A value of 2 uses the LDAP v2 protocol.
      -f file
        Reads the entry modification information from a file such as dictionary.ldif, instead of from standard input.

The dictionary file can now be used in the password strength rule.
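
As an added example (not part of the original page or of the product), this Python script generates entries in the dictionary.ldif layout from step 1 from a plain word list. It goes slightly beyond the page by escaping DN special characters (RFC 4514) and base64-encoding values that are not LDIF-safe (RFC 2849); the function names, the sample words and the case-insensitive de-duplication are assumptions.

```python
import base64

# Constructed sample input; not a word list from the product or the page.
SAMPLE_WORDS = ["test", "secret", "password", "Password", "", "p@ss,word", "señor"]

def escape_rdn_value(value):
    """Escape a value for use inside a DN (RFC 4514)."""
    last = len(value) - 1
    out = []
    for i, ch in enumerate(value):
        special = ch in '"+,;<>\\' or (i == 0 and ch in "# ") or (i == last and ch == " ")
        out.append("\\" + ch if special else ch)
    return "".join(out)

def ldif_line(attr, value):
    """Return 'attr: value', or base64 'attr:: ...' if value is not an RFC 2849 SAFE-STRING."""
    safe = (value.isascii()
            and not any(c in value for c in "\0\r\n")
            and not value.startswith((" ", ":", "<"))
            and not value.endswith(" "))
    if safe:
        return f"{attr}: {value}"
    return f"{attr}:: {base64.b64encode(value.encode('utf-8')).decode('ascii')}"

def build_dictionary_ldif(words, suffix="dc=com", dictionary="password"):
    """Build dictionary.ldif text in the layout shown in step 1."""
    seen, entries = set(), []
    for raw in words:
        word = raw.strip()
        key = word.casefold()
        # Assumption: the directory compares erword case-insensitively, so a
        # case variant would collide with an existing DN; keep the first one.
        if not word or key in seen:
            continue
        seen.add(key)
        dn = f"erword={escape_rdn_value(word)},erdictionaryname={dictionary}, ou=itim, {suffix}"
        entries.append("\n".join([
            ldif_line("dn", dn),
            ldif_line("erWord", word),
            "objectclass: top",
            "objectclass: erDictionaryItem",
        ]))
    return "\n\n".join(entries) + "\n"

if __name__ == "__main__":
    print(build_dictionary_ldif(SAMPLE_WORDS), end="")
```

Redirect the output to dictionary.ldif and load it with one of the procedures in step 3.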