Password requirements for LDAP update user function

Dear community,

currently we are testing privacyIDEA. We were already able to connect our LDAP directory und use it for authentication. Moreover the test user is able to change his LDAP password via privacyIDEA Web UI - this works perfectly fine.

Now we wonder, whether it is possible to set password requirements (such as minimum length and complexity with small/capital letters, special characters, etc.) for the LDAP password. At the moment we use another tool to provide the password change function for the users and we would like to replace it with privacyIDEA, when we use it for 2FA anyhow. Is there a way to enable this?

Thank you very much in advance!
Best regards
kofo

privacyIDEA does not check password policies for user resolvers.
I would assume that the LDAP has password policies and changing a password that does not comply would return an error to privacyIDEA.

Note: privacyIDEA is not ment as user management system!

Thank you for your response!
Yes I agree, it would make sense to enforce the policies on the LDAP server itself. But at the moment these modules are not implemented in our server. We use a different approach and check the compliance on the webserver, that offers the service to change the user passwords. Therefore, we would have to reconsider our concept. But thanks again for your input!

Hi kofo, I see you managed to setup that user can change his ldap password over privacyidea Web UI.
I managed to setup that only admin could do that. User have this option and even pravacyidea says that password was changed successfully but in ldap is not changed (we use for ldap freeipa, actually still in testing stage not in use yet). I try different settings to setup selfservice policy for user and was always unsuccessful. How did you manage to do that?
thanks for answer in advance
best regards
Ales