- configure password policy:
- set userpassword to a crypto block like this, taken from IDM:
(this should not happen normally, as the password should be decrypted on IDM before sync-ing to DS)
- error log:
1. set password history count to 0.
2. ldappasswordmodify should work now. Modify userpassword, removing that crypto block.
3. set password history count back to desired value.