We are using openldap to authenticate & authorize users. As part of security best practices we want to enforce password policies over users. LDAP has support for password policies.
Our requirement -1) When the administrator sets the "PwdReset" attribute for a particular user then bitbucket should force the user to change password before logging him in successfully.2) When the password for a particular user expires then bitbucket should prompt the user to change password before logging him in successfully. This condition depends on whether "PwdAllowUserChange" is set or not.
Required minimum permissions allowing users to update their specific passwords in the LDAP tree are in place.
Linux SSH supports both the above requirements. Please let us know if Bitbucket supports these or can be developed.
