The server is preconfigured with an instance of the Pwned Passwords Password Validator.
Use the dsconfig tool to configure the Pwned Passwords Password Validator.
Run the dsconfig tool to update an existing password policy
to use the Pwned Passwords Password Validator, replacing
[PASSWORD_POLICY_NAME] with the name of your password
dsconfig set-password-policy-prop \ --policy-name "[PASSWORD_POLICY_NAME]" \ --add "password-validator:Pwned Passwords"
Test the validator by submitting a password that is known to be compromised;