Our java developers are needing their web app to acknowledge a password
on listed in the password history list. When trying to change a
password via the web app they should get an error from eDIR indicating a
used password. Currently we have the password history list size set to
The web app currently is telling us the password was changed
successfully when we test with a known password on the history list
(which it should not), BUT when actually trying to log in it errors out
as being an expired password. So technically the policy is working as
it is not allowing a password on the password history list to log in.
However, we would like for the web app to error when you attempt to
actually change the password.
Research so far indicates this maybe a known issue. Looking for a fix
or confirmation.

drcollins's Profile: https://forums.netiq.com/member.php?userid=12182
View this thread: https://forums.netiq.com/showthread.php?t=56427