The effects of password controls specified in a profile definition vary from those controls applied directly to a user in a CREATE USER or MODIFY USER statement.
|Password Control Attribute||Effects|
|EXPIRE||Applies to first level user to which the profile is assigned, and is effective immediately|
|MINCHAR and MAXCHAR||Does not apply to first level user to which the profile is assigned, rather it applies only to the children of that user.
As a result of these second-level effects, if the user submitting the CREATE USER statement is a member of a profile that specifies values for password control attributes, the password the creator assigns in the CREATE USER statement must comply with the password controls in the creator profile.
Controls take effect at the first child user logon after the child is created or modified.
To apply password controls to first-level users not affected by profile-based controls, you can Allow the users to defer to the global controls in DBC.SysSecDefaults.
|MAXLOGONATTEMPTS||Applies to first level users to which the profile is assigned, at the next logon attempt.|