# phpman > man > Net::LDAP::Control::PasswordPolicy(3pm)

## NAME
    [Net::LDAP::Control::PasswordPolicy](https://www.chedong.com/phpMan.php/perldoc/Net%3A%3ALDAP%3A%3AControl%3A%3APasswordPolicy/markdown) - LDAPv3 Password Policy control object

## SYNOPSIS
     use [Net::LDAP](https://www.chedong.com/phpMan.php/perldoc/Net%3A%3ALDAP/markdown);
     use [Net::LDAP::Control::PasswordPolicy](https://www.chedong.com/phpMan.php/perldoc/Net%3A%3ALDAP%3A%3AControl%3A%3APasswordPolicy/markdown);
     use [Net::LDAP::Constant](https://www.chedong.com/phpMan.php/perldoc/Net%3A%3ALDAP%3A%3AConstant/markdown) qw( LDAP_CONTROL_PASSWORDPOLICY );

     $ldap = [Net::LDAP](https://www.chedong.com/phpMan.php/perldoc/Net%3A%3ALDAP/markdown)->new( "ldap.example.com" );

     $pp = [Net::LDAP::Control::PasswordPolicy](https://www.chedong.com/phpMan.php/perldoc/Net%3A%3ALDAP%3A%3AControl%3A%3APasswordPolicy/markdown)->new;

     $mesg = $ldap->bind( "cn=Bob Smith,dc=example,dc=com",
                          password => "secret",
                          control => [ $pp ] );

     # Get password policy response
     my($resp)  = $mesg->control( LDAP_CONTROL_PASSWORDPOLICY );

     if (defined($resp)) {
       my $v = $resp->pp_error;
       print "Password policy error $v\n"  if defined $v;
       $v = $resp->time_before_expiration;
       print "Password expires in $v second(s)\n"  if defined $v;
     }

## DESCRIPTION
    "[Net::LDAP::Control::PasswordPolicy](https://www.chedong.com/phpMan.php/perldoc/Net%3A%3ALDAP%3A%3AControl%3A%3APasswordPolicy/markdown)" provides an interface for the creation and manipulation of
    objects that represent "PasswordPolicyRequest"s and "PasswordPolicyResponse"s as described by
    draft-behera-password-policy-09.

    This control can be passed to most operations, including the bind.

## CONSTRUCTOR ARGUMENTS
    There are no constructor arguments other than those provided by [Net::LDAP::Control](https://www.chedong.com/phpMan.php/perldoc/Net%3A%3ALDAP%3A%3AControl/markdown).

## METHODS
    time_before_expiration
        If defined, this is an integer value holding the time left in seconds before the account's
        password will expire.

    grace_authentications_remaining
        If defined, this is an integer value holding the number of authentication requests allowed
        before the account is locked.

    pp_error
        If defined, this contains a more detailed error code for the account. See
        [Net::LDAP::Constant](https://www.chedong.com/phpMan.php/perldoc/Net%3A%3ALDAP%3A%3AConstant/markdown) for definitions of each. Values can include:

        LDAP_PP_PASSWORD_EXPIRED
        LDAP_PP_ACCOUNT_LOCKED
        LDAP_PP_CHANGE_AFTER_RESET
        LDAP_PP_PASSWORD_MOD_NOT_ALLOWED
        LDAP_PP_MUST_SUPPLY_OLD_PASSWORD
        LDAP_PP_INSUFFICIENT_PASSWORD_QUALITY
        LDAP_PP_PASSWORD_TOO_SHORT
        LDAP_PP_PASSWORD_TOO_YOUNG
        LDAP_PP_PASSWORD_IN_HISTORY

## SEE ALSO
    [Net::LDAP](https://www.chedong.com/phpMan.php/perldoc/Net%3A%3ALDAP/markdown), [Net::LDAP::Control](https://www.chedong.com/phpMan.php/perldoc/Net%3A%3ALDAP%3A%3AControl/markdown), [Net::LDAP::Constant](https://www.chedong.com/phpMan.php/perldoc/Net%3A%3ALDAP%3A%3AConstant/markdown), draft-behera-ldap-password-policy-09.txt

## AUTHOR
    Chris Ridd <<chris.ridd@isode.com>>

    Please report any bugs, or post any suggestions, to the perl-ldap mailing list
    <<perl-ldap@perl.org>>

## COPYRIGHT
    Copyright (c) 2008 Chris Ridd. All rights reserved. This program is free software; you can
    redistribute it and/or modify it under the same terms as Perl itself.