1. Use dsconfig to edit the existing default configuration. In this example, we set the required minimum number of characters in a password to five.
    $ bin/dsconfig create-password-validator \ 
      --validator-name "Length-Based Password Validator" \ 
      --set max-password-length:5 --set min-password-length:5
  2. Update an existing password policy to use the Length-Based Password Validator.
    $ bin/dsconfig set-password-policy-prop \ 
      --policy-name "Default Password Policy" \
      --set "password-validator:Length-Based Password Policy"
  3. Test the Length-Based Password Validator by submitting a password that has fewer than the minimum number of required characters.
    $ bin/ldappasswordmodify \
      --authzID "uid=user.0,ou=People,dc=example,dc=com" --newPassword abcd
    The LDAP password modify operation failed with result code 53 
    Error Message: The provided new password failed the validation checks defined in 
    the server: The provided password is shorter than the minimum required length of 
    5 characters