diff --git a/CHANGES b/CHANGES
index fe21a701db742f408e6f32b7efce02af24d0ec37..a9852b504dcfd4cd10fde0e2700be9fc3a1b0a27 100644
--- a/CHANGES
+++ b/CHANGES
@@ -45,6 +45,7 @@ OpenLDAP 2.4.17 Engineering
 	Fixed slapo-dds entry expiration (ITS#6169)
 	Fixed slapo-perl symbols (ITS#5658)
 	Fixed slapo-ppolicy to honor pwdLockout (ITS#6168)
+	Fixed slapo-ppolicy to return check modules error message (ITS#6082)
 	Fixed slapo-refint refint_repair handling (ITS#6056)
 	Added slapo-rwm rwm-drop-unrequested-attrs config option (ITS#6057)
 	Fixed slapo-rwm dn passing (ITS#6070)
diff --git a/servers/slapd/overlays/ppolicy.c b/servers/slapd/overlays/ppolicy.c
index d9fdedaeb14ecd24705369416f10236febc8719b..10870f3755ef9c30e661703eb3032aceb23132ad 100644
--- a/servers/slapd/overlays/ppolicy.c
+++ b/servers/slapd/overlays/ppolicy.c
@@ -584,7 +584,7 @@ password_scheme( struct berval *cred, struct berval *sch )
 }
 
 static int
-check_password_quality( struct berval *cred, PassPolicy *pp, LDAPPasswordPolicyError *err, Entry *e )
+check_password_quality( struct berval *cred, PassPolicy *pp, LDAPPasswordPolicyError *err, Entry *e, char **txt )
 {
 	int rc = LDAP_SUCCESS, ok = LDAP_SUCCESS;
 	char *ptr = cred->bv_val;
@@ -592,6 +592,9 @@ check_password_quality( struct berval *cred, PassPolicy *pp, LDAPPasswordPolicyE
 
 	assert( cred != NULL );
 	assert( pp != NULL );
+	assert( txt != NULL );
+
+	*txt = NULL;
 
 	if ((cred->bv_len == 0) || (pp->pwdMinLength > cred->bv_len)) {
 		rc = LDAP_CONSTRAINT_VIOLATION;
@@ -658,16 +661,13 @@ check_password_quality( struct berval *cred, PassPolicy *pp, LDAPPasswordPolicyE
 					pp->pwdCheckModule, err, 0 );
 				ok = LDAP_OTHER;
 			} else {
-				char *txt = NULL;
-
 				ldap_pvt_thread_mutex_lock( &chk_syntax_mutex );
-				ok = prog( ptr, &txt, e );
+				ok = prog( ptr, txt, e );
 				ldap_pvt_thread_mutex_unlock( &chk_syntax_mutex );
 				if (ok != LDAP_SUCCESS) {
 					Debug(LDAP_DEBUG_ANY,
 						"check_password_quality: module error: (%s) %s.[%d]\n",
-						pp->pwdCheckModule, txt ? txt : "", ok );
-					free(txt);
+						pp->pwdCheckModule, *txt ? *txt : "", ok );
 				}
 			}
 			    
@@ -1328,12 +1328,13 @@ ppolicy_add(
 			struct berval *bv = &(pa->a_vals[0]);
 			int rc, send_ctrl = 0;
 			LDAPPasswordPolicyError pErr = PP_noError;
+			char *txt;
 
 			/* Did we receive a password policy request control? */
 			if ( op->o_ctrlflag[ppolicy_cid] ) {
 				send_ctrl = 1;
 			}
-			rc = check_password_quality( bv, &pp, &pErr, op->ora_e );
+			rc = check_password_quality( bv, &pp, &pErr, op->ora_e, &txt );
 			if (rc != LDAP_SUCCESS) {
 				LDAPControl **oldctrls = NULL;
 				op->o_bd->bd_info = (BackendInfo *)on->on_info;
@@ -1342,7 +1343,10 @@ ppolicy_add(
 					ctrl = create_passcontrol( op, -1, -1, pErr );
 					oldctrls = add_passcontrol( op, rs, ctrl );
 				}
-				send_ldap_error( op, rs, rc, "Password fails quality checking policy" );
+				send_ldap_error( op, rs, rc, txt ? txt : "Password fails quality checking policy" );
+				if ( txt ) {
+					free( txt );
+				}
 				if ( send_ctrl ) {
 					ctrls_cleanup( op, rs, oldctrls );
 				}
@@ -1423,7 +1427,7 @@ ppolicy_modify( Operation *op, SlapReply *rs )
 	Attribute		*pa, *ha, at;
 	const char		*txt;
 	pw_hist			*tl = NULL, *p;
-	int			zapReset, send_ctrl = 0;
+	int			zapReset, send_ctrl = 0, free_txt = 0;
 	Entry			*e;
 	struct berval		newpw = BER_BVNULL, oldpw = BER_BVNULL,
 				*bv, cr[2];
@@ -1748,8 +1752,6 @@ ppolicy_modify( Operation *op, SlapReply *rs )
 		/*
 		 * we have a password to check
 		 */
-		const char *txt;
-		
 		bv = oldpw.bv_val ? &oldpw : delmod->sml_values;
 		/* FIXME: no access checking? */
 		rc = slap_passwd_check( op, NULL, pa, bv, &txt );
@@ -1783,10 +1785,15 @@ ppolicy_modify( Operation *op, SlapReply *rs )
 	bv = newpw.bv_val ? &newpw : &addmod->sml_values[0];
 	if (pp.pwdCheckQuality > 0) {
 
-		rc = check_password_quality( bv, &pp, &pErr, e );
+		rc = check_password_quality( bv, &pp, &pErr, e, (char **)&txt );
 		if (rc != LDAP_SUCCESS) {
 			rs->sr_err = rc;
-			rs->sr_text = "Password fails quality checking policy";
+			if ( txt ) {
+				rs->sr_text = txt;
+				free_txt = 1;
+			} else {
+				rs->sr_text = "Password fails quality checking policy";
+			}
 			goto return_results;
 		}
 	}
@@ -2039,6 +2046,10 @@ return_results:
 		oldctrls = add_passcontrol( op, rs, ctrl );
 	}
 	send_ldap_result( op, rs );
+	if ( free_txt ) {
+		free( (char *)txt );
+		rs->sr_text = NULL;
+	}
 	if ( send_ctrl ) {
 		if ( is_pwdexop ) {
 			if ( rs->sr_flags & REP_CTRLS_MUSTBEFREED ) {