Environment
Identity Manager 4.8
Identity Manager Driver - Active Directory
Situation
Some passwords changes in Active Directory do not synchronize to the Identity Vault.
In looking at a startup remote loader trace, level 7 to file, the following error is received.
DirXML: [09/21/20 15:06:48.06]: ADDriver: [PWD 10436] PassSyncCache::GetPwdInfoByUser() returned 0x00000002
DirXML: [09/21/20 15:06:48.06]: ADDriver: [PWD] PasswordSync::getUserData() returned 0x00000002
DirXML: [09/21/20 15:06:48.06]: ADDriver: [PWD] PasswordSync::getUserData() returned 0x00000002
Resolution
A returned 0x00000002 indicates that the registry entry trying to be read is no longer available.
This can indicate that the password has timed out according to the "DC Passwords TimeToLive (minutes)" setting in Driver Parameters.
Make sure the setting "DC Passwords TimeToLive (minutes)" is set to -1 (default setting), which means do not time out the password change, in the driver parameters. (driver properties, driver configuration, driver parameters, access options, DC Passwords TimeToLive (minutes)) Then change the password and see if it synchronizes.