[389-users] 389 + sssd: Give user information about 389 server password policy

Hello, I enabled password complexity constraints, password history and password expiration (1 days min, 70 days max). When I use the command passwd to change a user's password, I get the error message: Password change failed. Server message: Failed to update password passwd: Authentication token is no longer valid; new one required In the following cases: Password was changed less than a days ago Password does not match complexity constraints Password is already in history My question: would it be possible to give better information to the user ? To let him know that his password is not matching constraints, already in history or changed recently ? I realize that some of this is related to sssd/pam, but I'd like to know if 389 server is at least able to tell this to sssd/pam. Thanks, Nicolas Martin