Functionality of pqchecker.so for password quality
The role only configures the ability to use the ppolicy module. Full configuration of policies (e.g. pwdCheckQuality, pwdCheckModule) is done outside the role, by specifying the attributes of
dn: cn=default,ou=pwpolicies,{{ ldap_base_distinguished_name }}
Using pwdCheckModule: pqchecker.so
applies default quality checks for passwords. For this container they are located in /etc/ldap/pqchecker/pqparams.dat
and consist of:
# Data format: 0|UULLDDSS@)..
# Or : 1|UULLDDSS@)..
#
# 1st character is the modified passwords broadcast flag. 1 -> Broadcast, 0 -> Don't broadcast
# 2nd character is a separator
# U: Uppercase, L: Lowercase, D: Digit, S: Special characters -> from 3rd to 10th character.
# From the 11th character begins the list of forbidden characters
# Default: No broadcast, 1 Uppercase, 1 Lowercase, 1 digit, 1 Special and no forbidden characters
0|01010101
To change those defaults, mount this file during deploy with the 0|01010101
line changed.
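A way to check a modified parameter line before mounting it, as an added example (not code from the role or from pqchecker): it parses the format described in the file's comments and reports which rules a candidate password fails. It assumes the four two-digit fields are minimum counts and that "special" means ASCII punctuation; the names `parse_pqparams` and `violations` are hypothetical.

```python
import re
import string
from dataclasses import dataclass

# Constructed sample: the default file content quoted above, shortened.
DEFAULT_FILE = "# Data format: 0|UULLDDSS@)..\n0|01010101\n"

# flag, '|' separator, UU LL DD SS (characters 3-10), then forbidden characters.
LINE_RE = re.compile(r"^([01])\|(\d{2})(\d{2})(\d{2})(\d{2})(.*)$")

@dataclass(frozen=True)
class PqParams:
    broadcast: bool
    min_upper: int
    min_lower: int
    min_digit: int
    min_special: int
    forbidden: str

def parse_pqparams(text):
    """Return the policy from the first non-blank, non-comment line."""
    for line in text.splitlines():
        if not line.strip() or line.lstrip().startswith("#"):
            continue
        m = LINE_RE.match(line)
        if m is None:
            raise ValueError(f"malformed pqparams line: {line!r}")
        flag, uu, ll, dd, ss, forbidden = m.groups()
        return PqParams(flag == "1", int(uu), int(ll), int(dd), int(ss), forbidden)
    raise ValueError("no parameter line found")

def violations(params, password):
    """List the rules a password fails (assumption: fields are minimum counts)."""
    classes = [
        ("uppercase", string.ascii_uppercase, params.min_upper),
        ("lowercase", string.ascii_lowercase, params.min_lower),
        ("digit", string.digits, params.min_digit),
        ("special", string.punctuation, params.min_special),  # assumed definition
    ]
    failed = [name for name, alphabet, minimum in classes
              if sum(ch in alphabet for ch in password) < minimum]
    if any(ch in params.forbidden for ch in password):
        failed.append("forbidden")
    return failed

if __name__ == "__main__":
    policy = parse_pqparams(DEFAULT_FILE)
    print(policy, violations(policy, "password"))
```

Running the parser over the file that will be mounted catches a truncated or mistyped line before the container starts with it.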
Edited by Krzysztof Babiarz