2013/4/10 D C <dc12078@gmail.com>
I
have tried using ppolicy, but it is not really doing anything.
I can confirm that my policy is being used by flipping the "pwdSafeModify" attribute.

When set to true, users cannot change their password and they get a message saying that they need to send both the old and new password together.

Other than that, none of the other fields seem to have any effect.

Do you have a working example of ppolicy?

Are you sure your are not using the root account (rootdn) to change the password?

What version of OpenLDAP are you using?

Clément.