You can disable and bypass password policy evaluations.
The Directory Server provides a global configuration property
(disable-password-policy-evaluation
) that can disable most password
policy evaluation processing, which is convenient for those production environments that do
not require password policy support. If the disable-password-policy
property is set to true, passwords are still encoded and evaluated, but only account
expiration and account disabling is in effect. All other password policy properties, such
as password expiration, lockout, and force change on add or reset, are ignored.
The server also supports the use of a bypass-pw-policy
privilege, which
can skip password policy evaluation for operations on a per-user basis. If a user has this
privilege, then they are allowed to perform operations on user entries that would normally
be rejected by the password policy associated with the target entry.
This privilege does not have any effect for bind operations.