AD to EDIR Password sync failing & no [PWD] tracing in remote loader logs

  • 7003222
  • 06-May-2009
  • 29-Apr-2013

Environment

Novell Identity Manager 3.6
Novell Identity Manager 3.5.1

Situation

Password sync is not occurring from Active Directory to eDirectory. When you change the password in Active Directory, PWFilter picks it up and places it in the HKLM\SOFTWARE\Novell\PwFilter\Data\'username'\ key, where it gets stuck: it is not forwarded on to the HKLM\SOFTWARE\Novell\PassSync\Data\'username'\ key on the remote loader server, and so it is never sent across to eDirectory.
 
Setting the Trace Level to 5 on the remote loader should show details of the password sync process as lines prefixed with the [PWD] tag. Instead, the trace does not show ANY password sync details. In other words, the trace contains no lines with [PWD] on them.
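
The symptom described above can be confirmed with a short PowerShell check. This is an added example, not Novell-supplied code. It assumes PowerShell 3.0 or later and one registry subkey per user, as this TID describes; the trace file path is a placeholder and the function names are hypothetical. Run it on the domain controller for the PwFilter key and on the remote loader server for the PassSync key and the trace.

```powershell
param(
    # Placeholder: point this at the trace file your remote loader is configured to write.
    [string]$TraceFile = 'C:\path\to\remote-loader-trace.log'
)

# Registry keys named in this TID.
$PwFilterKey = 'HKLM:\SOFTWARE\Novell\PwFilter\Data'   # on the domain controller
$PassSyncKey = 'HKLM:\SOFTWARE\Novell\PassSync\Data'   # on the remote loader server

function Get-QueuedPasswordUser {
    param([Parameter(Mandatory)][string]$Path)
    $present = Test-Path -LiteralPath $Path
    $names = @()
    if ($present) {
        # Read subkey names only; the stored password data is never opened.
        $names = @(Get-ChildItem -LiteralPath $Path | ForEach-Object { $_.PSChildName })
    }
    [pscustomobject]@{
        Path    = $Path
        Present = $present          # $false means the key does not exist on this host
        Queued  = $names.Count
        Users   = $names -join ', '
    }
}

function Get-PwdTraceCount {
    param([Parameter(Mandatory)][string]$Path)
    if (-not (Test-Path -LiteralPath $Path)) { return -1 }   # -1 = trace file not found
    # -SimpleMatch treats "[PWD]" as literal text. Without it the pattern is a
    # regex character class that matches any line containing P, W or D.
    @(Select-String -LiteralPath $Path -SimpleMatch '[PWD]').Count
}

$pwFilter = Get-QueuedPasswordUser -Path $PwFilterKey
$passSync = Get-QueuedPasswordUser -Path $PassSyncKey
$pwdLines = Get-PwdTraceCount -Path $TraceFile

$pwFilter, $passSync | Format-Table -AutoSize
"[PWD] trace lines: $pwdLines"

if ($pwFilter.Queued -gt 0 -and $pwdLines -eq 0) {
    'Matches this TID: entries queued under PwFilter and no [PWD] tracing. Check the driver parameters.'
}
```

Entries that remain under PwFilter\Data while the trace shows zero [PWD] lines at Trace Level 5 match the situation this TID covers.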

Resolution

The Driver Parameters were missing and/or incomplete on the driver object.
 
Missing Driver Parameters
 

Correct Driver Parameters (as of IDM 3.6.1, expanded)



To get the driver parameters back, install a new AD driver using the current template for the IDM version you are running. Then edit the XML for the Driver Parameters on the new driver, copy that XML into the driver parameters on the problem driver, and save them. Restart the driver and you should now have Password tracing [PWD], and your passwords may be syncing again. If passwords are still not syncing from Active Directory, see TID 3614450 - Password Sync 2.0 - AD to eDirectory Components for assistance in troubleshooting password synchronization.