Trac Ticket #45 - Fine Grained Password policy:
if passwordHistory is on, deleting the password fails.
https://fedorahosted.org/389/ticket/45
Bug description: To allow replicating unhashed password, an internal
entry contains the key value pair when the entry is newly added or
the password is updated. In that case, deleting the userpassword
attribute leaves the unhashed password in the internal entry.
If you attempt to add a new userpassword, the remaining unhashed
password makes the attempt fail due to LDAP_TYPE_OR_VALUE_EXISTS.
Fix description: This patch cleans up the unhashed password if a
userpassword is deleted and the unhashed password is found in the
internal entry. If it does not exist, the deletion does nothing.
(If the entry is read from the database, the unhashed password
does not exist in the internal entry since it is not stored in
the database.)