Hi,

I'm trying to set up a temporary password by adding the ads-pwdMustChange configuration to my custom password policy. My custom password policy also has some syntax checking through a custom password validator. The issue is that in order to get the pwdReset flag to work, I have to bind to LDAP with the uid=admin,ou=system user. However, when I do that, the password validation is not done. If I bind with some other user, then the password validation gets enforced, but then the pwdReset flag is not set.

Is my only option to bind with a normal user and change the password, then bind with uid=admin,ou=system and add pwdReset=TRUE? My team doesn't really want to bind uid=admin,ou=system at all. In that case, how can I set the pwdReset attribute?

Thanks,
Michael Pittman
