It is necessary to be able to send dry run creates and updates to DS to test the password policies. It is also necessary to pass the password quality advice to DS to get back detailed information on password policy failures. The DS repo service will need to be enhanced to pass those 2 parameters to rest2ldap if they are set in the incoming requests to the ds repo service. Those parameters can be tested by doing a direct repo action like so:
- MUST be able to do dryrun and password quality advice requests on the repo service directly.
- dryrun MUST not create the actual resource
- passwordQualityAdvice MUST return the DS password quality advice details