Resolution
Domain Migration Administrator 6.x
fact
Domain Migration Administrator 7.x
symptom
[7547]E20688: Failed to copy password from user1 to user1, hr=8007052d. Unable to update the password. The value provided for the new password does not meet the length, complexity, or history requirement of the domain.
cause
This error appears when attempting to synchronize the password of a migrated user account with the password of the source account, but the password from the source account does not comply with a password history, or password age policy implemented on the target domain. If the password does not meet these policies of the target domain, Domain Migration Administrator (DMA) will generate a random complex password. This error can occur when migrating a user with the option to copy the password from the source account, or when using the 'Synchronize Passwords' wizard.
fix
To resolve, refer to the following:
- Change the source password prior to migration to a value that meets the requirements of the target domain.
- Examine the target domain password policies and temporarily change the policies to allow less stringent passwords during the migration.
note
When completing the 'Migrate User Accounts' wizard, if you select the option to 'Copy password from source user' and the target domain policy is enforcing password history, then you will receive a warning such as '1 is the minimum password history requirement on the target domain, those users that have passwords that do not fulfill this requirement will have their passwords set to a created value.' This is a warning to let you know that if the source account password does not meet this requirement, then DMA will generate a random complex password for this user.
note
For more information on migrating passwords with DMA, refer to article the following knowledge base article:
https://www.netiq.com/kb/esupport/consumer/esupport.asp?id=NETIQKB6220