On Wednesday 23 April 2008 02:51:22 farhan ahmed wrote:

Hi Buchan,

Please stay on-list.

Thanks for reply but I am using OpenLdap server rather than Directory Server. Any other suggestion ?

The point is, that even with Sun's on directory server, the Solaris pam_ldap does not support password policies correctly. As far as I understand, the OpenLDAP ppolicy feature (with a draft standard) is compatible with the relatively undocumented Netscape LDAP server feature. In the forum post I gave, you'll note that HP-UX's pam_ldap supports the password policies correctly ...

So, this is a limitation on the Solaris side, there isn't much you can do unless you can run PADLs pam_ldap.

Regards, Buchan