https://bugs.openldap.org/show_bug.cgi?id=6083

--- Comment #5 from Ondřej Kuzník ondra@mistotebe.net --- On Wed, Jun 04, 2025 at 10:59:16AM +0000, openldap-its@openldap.org wrote:

PS: and I would like to check, if a password is compromised. I already have an external checker for this. It just needs an interface to OpenLDAP. Information about compromised passwords and it's importance can be found at https://haveibeenpwned.com/

Hi Heiko, if that's what you need, you could write your own policy checker wrapper. If you feel you can design an interface fit for wider use, you can even submit it for inclusion and it will be considered.

But remember the slapd-sock overlay exists already and should be able to intercept the password change just fine if you don't need access to the rest of the entry being changed.

Thanks,