5 Replies Latest reply on Jun 17, 2019 6:40 PM by Bhanu Bobbili

    Can't modify password policy for user(s)


      I've created a new password policy based on the default password policy named "Test Password Policy". I would like to change a specific user to this new policy.

      See the steps I've completed below:


      Change pwdPolicySubentry to use the our new policy (Test Password Policy):


      ldapmodify -h myserver -D "cn=Directory Manager" -W -f AddPasswordPolicytoUser.ldif


      Contents of AddPasswordPolicytoUser.ldif (also note that I've tried add instead of replace)

      dn: uid=testuser,ou=people,dc=base

      changetype: modify

      replace: pwdPolicySubentry

      pwdPolicySubentry: cn=Test Password Policy,cn=config


      Check to see if the change applied


      ldapsearch -h myserver -D "cn=Directory Manager" -b "ou=People,dc=base" -W -s sub "(uid=testuser)" pwdPolicySubentry



      # extended LDIF


      # LDAPv3

      # base <ou=People,dc=base> with scope subtree

      # filter: (uid=testuser)

      # requesting: pwdPolicySubentry



      # testuser, people, base

      dn: uid=testuser,ou=people,dc=base

      pwdPolicySubentry: cn=peoplePassPolicy,dc=base


      # search result

      search: 2

      result: 0 Success


      # numResponses: 2

      # numEntries: 1


      As you can see the pwdPolicySubentry is not set to Test Password Policy,cn=config


      ldap software info: DSEE11

      Sun Directory Server


      Please advise