> > Hi Kiran, it's working now. What happened is that in my password
policy,
> > I had changed ads-pwdallowuserchange=TRUE, but I hadn't restarted
the
> > LDAP server, and apparently password policy changes don't take
effect
> > until the server is restarted.
> >
> ah!
>
> >
> > Once I restarted, I could change the password when connected as the
user
> > I'm changing the password for. And, if I attempt to change the
password
> > before the pwdMinAge expires, I get a code = 19 "password is too
young
> > to update" error as expected. All good.
> >
> > Is there any way around requiring a restart of the server to have
> > password policy settings take effect? This would be a major issue
for us
> >
> not yet, I have been sitting on this idea for far too long, but the
effort
> stopped
> midway
>
> > because we create/change password policy configurations often (we
> > maintain password policies per customer).
> >
> >
> Thank you for your help!
> >
> >
> >
> >
>
Is there a way to formally request the enhancement to not require a
restart, or is it already on your radar and you'll get to it when you
can? We are very eager to get this capability added.
