What are the requirements for migrating passwords with DMA? (NETIQKB6220)

  • 7706220
  • 02-Feb-2007
  • 17-Oct-2007


What are the requirements for migrating passwords with DMA?


In order for passwords to be migrated with DMA, the following requirements must be met:

  • If a policy is in place on the target domain, the source domain account's password must meet the target domain's password policy. If it does not, the password must be changed to do so or the target domain password policy must be changed to meet the complexity of the source domain's passwords.
  • If the source domain is an NT domain or a Windows 2000 mixed mode domain, there must be at least one non-SYSKEY enabled BDC. DMA cannot migrate SYSKEY encrypted SAM databases. Typing SYSKEY /? at a command prompt will tell you the current encryption level of the BDC.
  • Passwords can be migrated from a Windows 2000 native mode source domain in an IntraForest migration scenario if the target domain is also Windows 2000 native mode. Under this scenario, DMA performs a move operation rather than a copy.


Please contact Technical Support to create a 'Support Request' for any issues you encounter that are not addressed by the User Guide, any Knowledge Base articles found on the website, or current Hotfixes available for download.

Additional Information

Formerly known as NETIQKB6220