Looking for information about how password history works if you don't
have Universal Password enabled (i.e. relying solely upon the "require
unique password" setting on the user accounts). Mainly what I'm trying
to figure out is whether an admin-style reset (i.e. resetting another
user's password) checks and/or enforces password history when it's set.
I've found rather little on the topic as password history hits all seem
to be related to Universal Password settings. We have an older
application that's saying that in one release of their software,
reseting with an appid will know whether a password has been used, but a
newer version that uses a different directory and appid can reset to an
old password as much as it wants (and from what I can tell, the
password-related settings are the same in both directories). In my
testing, the only thing I've found is that you can replace an existing
password on another object, but you can't delete/add an existing
password on another object (using LDIF), which is one difference that I
see based on looking at traces I've grabbed. We aren't using UP on
these accounts due to some conflicts of functionality that happens when
we turn it on and use a password policy. We're started rolling out 8.8
SP7 patch 3, but the results are the same on that version or on 8.8 SP6
patch2, which is what we were running. Servers are SLES11 SP2 (not

infinity9999's Profile: https://forums.netiq.com/member.php?userid=1343
View this thread: https://forums.netiq.com/showthread.php?t=48444