Passwords not synchronizing when migrating from AD

  • 3239388
  • 13-Nov-2007
  • 16-Mar-2012


IDM 3.0.X
IDM 3.5.X
Novell Active Directory Driver


Passwords not synchronizing when migrating from AD


There are a couple way to approach this. One is to create a policy that will set the password to some value on an add to eDirectory. Another is to perform the migrate, but let users know their account will be inaccessible until they change their password. Part of the solution in the latter case may be to force a password change.

Additional Information

The reason the password was not synchronizing is that the password in AD was not capable of being reverse-encrypted, and so could not be retrieved. That is the same reason we need password filters on all domain controllers: we do not sync a password, but rather a password change if that change originates in AD. The filters then pick up that change and forward it to the agent before the password is written to AD. If the password is written to AD before it is intercepted, we cannot read it.

Formerly known as TID# 10096875