Resolution
goal
How can I verify the target domain password policies?
fact
Domain Migration Administrator 7.x
fact
Domain Migration Administrator 6.x
fix
How can I verify the target domain password policies?
fact
Domain Migration Administrator 7.x
fact
Domain Migration Administrator 6.x
fix
You can use the Microsoft MMC Security Configuration and Analysis snap-in to help troubleshoot whether or not a security policy is causing the password copy process to fail.
FROM A DC ONLY:
- Click Start --> Run --> type in "MMC"
- Click Console --> Add/Removesnap-in
- Click Add
- Choose Security Configuration and Analysis
- Click Add
- Click Close
- Click OK
- Click on Security Configuration and Analysis in the left hand pane
- Right Click --> Open database
- Type a name for a new database
- Click Open
- Select Basic dc
- Click Open (If you receive an error after clicking open, click OK on the error and ignore it)
- Click on Security Configuration and Analysis in the left hand pane
- Right Click --> Analyze computer now
- Click OK (to log path)
- Expand tree to expose 'Password policy' (Security Configuration and Analysis --> Account Policies --> Password Policy)
- Examine the policy settings
To Make Changes:
- Double click on policy (Password History)
- Check the box for 'Define this policy in database'
- Enter value (0 passwords remembered) - make note of previous value
- Click OK
- Right click on Security Configuration and Analysis
- Select Configure computer now
- Click OK (to log path)
- Right click on Security Configuration and Analysis
- Click Analyze computer
- Verify policy was changed
To Return to previous value:
- Double click on policy setting
- Change the value back to the original setting
- Click Configure computer now
- Click Analyze
- Double click on policy
- Clear checkbox for 'define this setting'
Additional Information
Formerly known as NETIQKB28255