https://bugs.openldap.org/show_bug.cgi?id=9571
--- Comment #4 from Matthew Hardin mhardin@symas.com --- Enabling the Netscape password policy controls in the ppolicy10 module provides a suitable workaround for many applications. For cases where that is not an acceptable workaround, ACLs can be set up to permit attribute access techniques
This ITS can be suspended in case further needs arise to support client applications that depended on specific ppoilicy8 behavior.