search for: ldap_server_policy_hints_oid

...;password history" policy enforcement. This is a security problem that will come up on the first security audit. Microsoft recognised this is a problem and in Windows 2008 R2 SP1 introduced a supportedControl on RootDSE: LDAP_SERVER_POLICY_HINTS_DEPRECATED_OID (1.2.840.113556.1.4.2066), later LDAP_SERVER_POLICY_HINTS_OID (1.2.840.113556.1.4.2239), which enables such password history enforcement on LDAP password resets. I've been trawling the internet and Samba source code looking for a way to achieve the same thing, to no avail. Does anyone have any suggestions on how to get password history to be enforced on...