https://bugs.openldap.org/show_bug.cgi?id=10199
--- Comment #3 from Quanah Gibson-Mount quanah@openldap.org --- (In reply to Kiruthiga from comment #2)
I tried the same with 2.5.9 as well.
Why? The current 2.5 release is 2.5.17.
In any case, your behavior expectations do not line up with the man page:
Every account that should be subject to password policy control should have a pwdPolicySubentry attribute containing the DN of a valid pwdPolicy entry, or they can simply use the configured default. In this way different users may be managed according to different policies.
See also the Admin guide:
https://www.openldap.org/doc/admin25/overlays.html#Password%20Policies
If you have further usage questions about ppolicy, I suggest you use the openldap-technical email list. You can subscribe at https://lists.openldap.org/