On Mon, Oct 05, 2015 at 09:41:25PM +0000, Craig White wrote:
You need to have a 'pwdPolicySubentry' attribute assigned to each user and the value for that attribute would have to be a valid DN of the password policy itself.
Either that, or an appropriate olcPPolicyDefault configured on the ppolicy overlay instance (as above, value should be the DN of the default password policy entry). That will be used for any entry that doesn't have an explicit pwdPolicySubentry.