Clément Oudot,

 

Thank you.

I have changed the rootdn from root to other user, it’s still not working. I can modified the user password same with before.

 

First check that your are sending you password in cleartext, so that OpenLDAP can check the syntax and compare it to passwords in history.

You might need to set pwdCheckQuality to 1 or 2 in your ppolicy, but I am not sure it is required to check history. It is needed to check password length and other checks from the optionnal password checker module.

Clément Oudot | Identity Solutions Manager

clement.oudot@worteks.com

Worteks | https://www.worteks.com