I am not very familiar with eDirectory history and technologies since I
am more into synchronizing things but now I need to restrict users
access according to password expiration and intruder lockout. I tested
it and found out that changing password expiration time or applying
intruder lockout did not seem to have any effect on LDAP
authentications. User could authenticate no matter if password was with
expired date or with intruder lock out values.

Also when combined with forced password change it did prompt for new
password in iManager but can be skipped by answering "no", resulting in
dissappearance of password expiration value as well.

Could you please point me in a right direction on how to make a working
password expiration and intruder lockout on LDAP. I've tested it
manually with iManager but I am doing the final implementation with IDM.