Environment
Identity Manager 4.6
Active Directory Password Synchronization
Active Directory Password Synchronization
Situation
Using the Passsync Troubleshooting Tool to check Active Directory Password Synchronization.
This tool is a windows executable and can be found on the install media in the \setup\utilities\PassSyncTroubleshootingTool folder.
When running the Domain Controller Check, the following error is generated
Error occurred while opening the registry key[SOFTWARE\NOVELL\PWFILTER\DATA]. Access is denied.
This happens even when using the Domain Administrator account
This tool is a windows executable and can be found on the install media in the \setup\utilities\PassSyncTroubleshootingTool folder.
When running the Domain Controller Check, the following error is generated
Error occurred while opening the registry key[SOFTWARE\NOVELL\PWFILTER\DATA]. Access is denied.
This happens even when using the Domain Administrator account
Resolution
Run regedit and right click on the key
HKLM\Software\Novell\PwFilter\Data
and select Permissions.
Select the Advanced option and add the Administrators Group.
Set the Read permission.
Make sure the box labeled "Replace all child object permission entries with inheritable permission entries from this object"
HKLM\Software\Novell\PwFilter\Data
and select Permissions.
Select the Advanced option and add the Administrators Group.
Set the Read permission.
Make sure the box labeled "Replace all child object permission entries with inheritable permission entries from this object"
is checked.
Cause
This registry key is protected by a trusted installer. By default, Administrator does not have the read permission.