How to change Password of users after first login in LDAP

I am using openldap-2.3.37 .
I did lots of RTFM but i am not able to change passwords of users after first login.
I was using ppolicy overlay .
My ppolicy file :-

dn: cn=basicPwdPolicy,dc=avaya,dc=com
cn: basicPwdPolicy
objectClass: device
objectClass: pwdPolicy
objectClass: top
pwdMustChange: TRUE
pwdReset: TRUE
pwdMaxAge: 600
pwdAttribute: 2.5.4.35



While adding the users to systems i have added following attributes to users ldif file:-
pwdMustChange: TRUE
pwdReset: TRUE


But still when i tried to login user into system it was giving following error:-
pwdReset true Access denied
However i am able to change the passwd of that user using passwd command and that user is able to login into system.

I sent a mail to openldap mailing list. I got reply that after adding the user use ldapmodify to work above policy. But sadly this also not worked .

So dig into ldap documentation again and to achieve this.
I found some interesting attributes :)

While adding user to ldap add the following entries into users ldif file:-

objectClass: shadowAccount
shadowLastChange: 1
shadowWarning: 7
shadowMin: 0
shadowMax: 1

Attribute shadowLastChange: 1 causes Password to expire after first login
If you do not want to change password after first login set its value to 13833

If you want to expire the passwords after specific days set shadowMax to resp values

Gosh ,finally i am able to expire the passwords :)

why ????

Thanks friends for responding me by making comments ,sending me mails and some friends of mine who does not send me direct email but sending out comments through other mails :)
As per your suggestion's i am trying to stick with only one topic
I will not mix all the stuffs together
Today as I am in good mood i will write about only why I don't have a GIRLFRIEND? and why i write a code ?
According to Bhavin(V* good friend of mine) i will tell you definition of a friend (girl)
Friend is someone whom a girl approaches for advice whether she is in love with someone else

Top reasons why I don't have girl friend

1 Girls who like me i don't like them

2 I do not like to become C?*i[a] by spending my precious time with them and listening stupid gossip from them

3 I am spending 80% of my time on sitting on terminal

4 Most important thing priorities in your life as I am damn serious about my career and life . I do not have enough time to spend on them

Oh i can write a lot other than code :D

So i will switch to our next topic i.e why i like to write code

When i am thinking about this topic i am not able to find the exact reason, when i like something i am not able to figure out why i liked that thing

But in programming i like scripting,C . I am able to find out reason of this thing
When you write code in C++ or Java you have to think a lot before writing single line of code like u have to do design first . 80 % of u r effort is for design
I do not know because of that i like scripting ?

According to Einstein every thing has its reason.
So can you tell me why do you like this post or not
Is there any reason behind it?

printf "Hello world \n"

This is my first blog entry...........................
Struggling for job after pass out from college finally got job in propriety company
At initial days that was learning curve for me ( learning is a relative term )
After doing some noobe coding , i felt i learn a lot because just i say learning is a relative term
But at this stage i am wondering what the hell i am doing here? How many lines of code i have written?
What am i doing now ?
testing documenting installation ......................................
Most important question why i am doing this
Answer is money
Afraid of if i go to another place i have to do same things
So why don't have to stick at one place :)

Yet no girl friend ,Its just like in pursuit of Happiness