Hi Rajagopal,

 Can you confirm the below points?

 1) let us know the client application are you using.
 2) Paste here your slapd.conf  file.

On 20 November 2015 at 13:16, Rajagopal Rc <rajagopal.rc@tcs.com> wrote:
Hi,
I am trying to force users to change their password at first login or after
password reset by administrator.

Tried following:
1)Password policy 'pwdMustChange TRUE' doesn't seems to be working as non of the
users get prompt to change their password at first login.

2) used the 'pwdReset TRUE' attribute in users attributes, and it won't prompt
to change the password and didn't allow to login
i observe below messages in log

"slapd[12684]: connection restricted to password changing only
slapd[12684]: send_ldap_result: err=50 matched="" text="Operations are
restricted to bind/unbind/abandon/StartTLS/modify password"
slapd[12684]: conn=1053 op=1 SEARCH RESULT tag=101 err=50 nentries=0
text=Operations are restricted to bind/unbind/abandon/StartTLS/modify password"

Please help me configure the option to force all users to change their password
at first login or after pwd reset  by administrator.


Thanks & Regards
Raj

Tata Consultancy Services
Mailto: rajagopal.rc@tcs.com
Website:
http://www.tcs.com
____________________________________________
Experience certainty.        IT Services
                       Business Solutions
                       Consulting
____________________________________________

=====-----=====-----=====
Notice: The information contained in this e-mail
message and/or attachments to it may contain
confidential or privileged information. If you are
not the intended recipient, any dissemination, use,
review, distribution, printing or copying of the
information contained in this e-mail message
and/or attachments to it are strictly prohibited. If
you have received this communication in error,
please notify us by reply e-mail or telephone and
immediately and permanently delete the message
and any attachments. Thank you