There is a lot of confusion around password policies and the Directory Manager account. The Directory Manager account bypasses password policies, but there are so many people who use directory manager to manage user's passwords. Then they get upset because password policies are not working as they expect. This is mentioned here: https://access.redhat.com/documentation/en-US/Red_Hat_Directory_Server/10/html/Administration_Guide/User_Account_Management.html#Managing_the_Password_Policy-Setting_User_Passwords But I think we should change the wording to stop using "root DN": ---------------------- Warning Because password administrators and the root DN are not bound by password policy and syntax, they should not be used for user password management. You should only use these types of accounts to perform special password administration tasks that require violating the password policy. ... ---------------------- Change to: ---------------------- Warning Password administrators and the "Directory Manager", or Root DN, are not bound by password policy and syntax. This means these accounts completely bypass all password polices. These accounts should not be used for regular user password management. You should only use these accounts to perform special password administration tasks that require violating the password policies. ----------------------- Due to the fact that so many people are still making this mistake I think we should also add a duplicate warning to the start page of password policy doc: https://access.redhat.com/documentation/en-US/Red_Hat_Directory_Server/10/html/Administration_Guide/User_Account_Management.html#User_Account_Management-Managing_the_Password_Policy
The update is now available on the Customer Portal.