I’m trying to understand how to use controls and EXOP with ppolicy overlay. I can get controls in the result from bind to get info like expired password. I can use an exop to change the password in which case an invalid password will get refused, but I’m not sure how to get the ppolicy reason for the refusal. There is ldap_parse_passwordpolicy_control but I don’t know how to get a control object to give to it.
ldap_passwd_s does not return a result object for which to search controls in. It does take serverctrls and clientctrls as parameters but looking at the code it seems serversctrls is an input parameter, I’m not sure what it can be useful for. And clientctrls seems ignored, is it unused or deprecated?