Can't change password of FreeIPA admin - "Current password's minimum life has not expired"
Solution 1:
It sounds like you have somehow created a password policy with a minimum password life longer than the maximum password life.
Remember that the maximum is specified in days while the minimum is specified in hours. If you mix these up, then it's easy to do this.
To confirm it, check the existing password policy:
ipa pwpolicy-find
ipa pwpolicy-show global_policy
Log in with a second admin account and change the password policy.
For instance, to set a minimum life of 7 days and a maximum life of 90 days:
From the command line:
ipa pwpolicy-mod global_policy --minlife 168 --maxlife 90
From the web UI:
The minimum life can also be set to zero to disable it.