A secure password policy minimizes the risks associated with easily-guessed passwords by enforcing the following:
Users must change their passwords according to a schedule.
Users must provide non-trivial passwords.
Accounts may be locked after a number of binds with the wrong password.
Directory Server provides several ways to set password policy at any node in a tree and there are several ways to set the policy. For details refer following Directory Server documentation:
http://docs.sun.com/source/816-6700-10/aci.html#14773
http://docs.sun.com/source/816-6698-10/useracct.html#14386