Description of problem:
Server side password policies always takes precedence over the policy enabled from client side.
e.g. On setting "ldap_pwd_policy=shadow", the policies defined with
shadow ldap attributes for a user has no effect if password policy
is enabled on the server(openldap).
Version-Release number of selected component (if applicable):
Fixed upstream -> POST
Verified with sssd-1.11.6-1.el6
man sssd-ldap has the following note:
Note: if a password policy is configured on server side, it always takes precedence over policy set with this option.
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.
For information on the advisory, and where to find the updated
files, follow the link below.
If the solution does not work for you, open a new bug report.