Full_Name: Kevin Xie Version: 2.3.39 OS: RHEL 4 update 3 URL: ftp://ftp.openldap.org/incoming/ Submission from: (NULL) (147.21.16.3)

I am testing ppolicy on OpenLDAP 2.3.39 and 2.3.38. When user password expired, LDAP forced user to change password using "passwd", it bypassed all the ppolicy settings, like, PwdMinLength, PwdInHistory. Is there a way to force "passwd" to check LDAP ppolicy like "ldappasswd" does? Is it because "passwd" and "ldappasswd" using different encryption methods?

I've uploaded ppolicy and slapd.conf in khxie_ppolicy.txt. I've google searched the issue and didn't find any anwser.

Thanks for your help.

Kevin Xie