I am using ppolicy overlay to enforce password policies.
Following is my ppolicy configuration/ldif.
dn: cn=policies,dc=example,dc=com
objectClass: top
objectClass: device
objectClass: pwdPolicy
cn: policies
pwdAttribute: userPassword
pwdMaxAge: 7516800
pwdExpireWarning: 432000
pwdInHistory: 6
pwdCheckQuality: 1
pwdMinLength: 8
pwdMaxFailure: 4
pwdLockout: TRUE
pwdLockoutDuration: 1920
pwdGraceAuthNLimit: 0
pwdFailureCountInterval: 0
pwdMustChange: TRUE
pwdAllowUserChange: TRUE
pwdSafeModify: FALSE
while changing password on first login I got following error.
WARNING: Your password has expired.
You must change your password now and login again!
Changing password for user prasad.
Enter login(LDAP) password:
New UNIX password:
Retype new UNIX password:
LDAP password information update failed: Constraint violation
Password is too young to change
passwd: Permission denied
Connection to myhost closed.
Meghanand N Acharekar.