Full_Name: Sam Darwin Version: openldap-2.4.31 OS: Ubuntu 14.04 URL: ftp://ftp.openldap.org/incoming/ Submission from: (NULL) (82.169.106.169)

Showing informative error messages is very important, especially with complex software. In this case, the error was misleading, so maybe it can be updated.

$ ldappasswd -D "uid=exampleuser,ou=users,dc=example,dc=net"h h ldap01 -W -e ppolicy Enter LDAP Password: Result: Constraint violation (19) Additional info: Password fails quality checking policy control: 1.3.6.1.4.1.42.2.27.8.5.1 false MAOBAQY= ppolicy: error=6 (Password is too short for policy)

It looks like the password is too short, right?

Actually, the problem is completely different, which I discovered after some time.

-S "uid=exampleuser,ou=users,dc=example,dc=net" should also be added to that command.

So, the real error was either that no password at all had been provided, or no user had been provided, or both. It had not even requested a new password. The new password was not too short, it was non-existent, which is something else entirely.

So, my request is to make the error reporting more sophisticated here, and any place else that is analogous to this case. make the answer a bit more obvious.