> Is there any good way to setup a password policy using OpenLDAP to, for > example, enforce a minimum and maximum password length or to specify the > maximum number of retries before the user is locked out and so on. Nope. If you are a Linux/Solaris shop, you can use pam_cracklib to do this in your PAM password stack.