The allows end users to change their own passwords, or administrators to reset user passwords. The password modify extended operation is defined in RFC 3062. It includes the ability for users to provide their current password for further confirmation of their identity when changing the password, and it also includes the ability to generate a new password if the user does not provide one. ds-cfg-password-modify-extended-operation-handler ds-cfg-extended-operation-handler org.opends.server.extensions.PasswordModifyExtendedOperation Specifies the name of the identity mapper that should be used in conjunction with the password modify extended operation. This property is used to identify a user based on an authorization ID in the 'u:' form. Changes to this property take effect immediately. The referenced identity mapper must be enabled when the is enabled. ds-cfg-identity-mapper