Hello, We have integrated keycloak 3.2 with our ldap backend via 4 federations (different filters to extract users). Our next goal is to use keycloak as a central password reset : this also works fine. The next step is to enforce policy in keycloak and not use the ldap one. For this, we have created a simple policy (6 chars mini). 2 of the federations are blocked by this (if we add a non compliant password) but not the 2 others : they seem to ignore the policy, what I don't really understand as the system should store all the policy info locally. As the passwords get updated the federations are correctly set up (ldapsearch checked). I even tried to force a password reset to a user as described in the docs after a policy change, but it still gets through. Am I missing some configuration ? Thanks for the help and guidance ! Sebastian