(ITS#8207) ppolicy: pwdMinLength not checked if pwdInHistory == 0

Full_Name: Ian Bishop Version: 2.4.39 OS: Linux URL: ftp://ftp.openldap.org/incoming/ Submission from: (NULL) (2001:388:e001:ce00:f2de:f1ff:fea7:d755)

Using password policy overlay, pwdMinLength is not checked when pwdInHistory == 0.

I tested this by setting pwdMinLength=6 and pwdInHistory=0. I was then able to set a 3 character password. When I changed pwdInHistory > 0 and tried to set a 3 charactepapassword, the attempt was denied. I repeated this several times, and also restarted slapd just in case - same result.

Running Openldap 2.4.39 on Centos7, installed from Centos RPM repo.