The LDAP_SERVER_POLICY_HINTS_OID control is used with an LDAP operation to enforce the password history length constraint ([MS-SAMR] section during password set. The password history policy sets how frequently old passwords can be reused.

When sending this control to the DC, the controlValue field is set to the BER encoding of the following ASN.1 structure.

 PolicyHintsRequestValue ::= SEQUENCE {
     Flags    INTEGER

where Flags tells the server whether to apply the password history length constraint on password-set operations. If it is 0x1, then that constraint will be enforced. Otherwise, the constraint is not enforced.