Hello,

i'm running openldap with password policy overlay. after the overlay installation and configuration, we cannot change the passwords anymore.

ldappasswd -D cn=username,dc=domain,dc=tld -S -W
New password: ********
Re-enter new password: ********
Enter LDAP Password: ********
Result: Constraint violation (19)
Additional info: Password policy only allows one password value

this is my default password policy:

dn: cn=password-policy,dc=policies,dc=domain,dc=tld
objectClass: person
objectClass: pwdPolicy
objectClass: top
cn: password-policy
pwdAttribute: userPassword
sn: Default Password Policy
pwdAllowUserChange: TRUE
pwdExpireWarning: 604800
pwdInHistory: 3
pwdLockout: TRUE
pwdLockoutDuration: 7200
pwdMaxAge: 7776000
pwdMaxFailure: 5
pwdMinAge: 180
pwdMinLength: 8
pwdMustChange: TRUE
 

this is my password policy configuration:

dn: olcOverlay=ppolicy,dc=policies,dc=domain,dc=tld
objectClass: olcConfig
objectClass: olcOverlayConfig
objectClass: olcPPolicyConfig
objectClass: top
olcOverlay: ppolicy
olcPPolicyDefault: cn=password-policy,dc=policies,dc=domain,dc=tld
olcPPolicyUseLockout: TRUE
 

Does anyone know what to do?

Thanks in advance for any reply,

            Marco