Share via

Problem with passwords migration (ADMT)

Anonymous
2021-06-07T10:32:50.503+00:00

HI,
I have 2 AD domains in one forest. In every domain I have a the same password policy set with minimum password lenght 10 and password complexity.
I have to synchronize password between one and second AD domain.
I try to synchronize password by ADMT password command script.
Logged user can change the password with fulfilled requirements. But when I try to migrate password I received error: 

WRN:7557 Failed to copy the password for user. A strong password has been generated instead.  Unable to copy password. Unable to update the password. The value provided for the new password does not meet the length, complexity, or history requirements of the domain.

I user change the password to very hard, the copy of password bas status Successful.

Do the ADMT tool use another set of password complexity ?
Best regards

Active Directory
Active Directory
A set of directory-based technologies included in Windows Server.
6,006 questions

8 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Daisy Zhou 19,276 Reputation points Microsoft Vendor
    2021-06-16T06:50:42.737+00:00

    Hello anonymous user,

    Thank you for your update.

    Did you deploy FGPP for AD group with some users only in the target domain?

    If so, I suggest you can migrate two test users in source domain to target domain as below:

    Create two test user accounts in source domain.

    User1 in source domain belongs to gourp1 =>apply password policy within Default Domain Policy (the same password policy as in target domain)
    User2 in source domain belongs to group2 =>apply password policy in FGPP (the same password policy as in target domain)

    User1 in target domain belongs to gourp11 =>apply password policy within Default Domain Policy (the same password policy as in source domain)
    User2 in target domain belongs to group22 =>apply password policy in FGPP (the same password policy as in source domain)

    Test the following entries:

    Test User1 meets 3 of these requirements and try to migrate this password.
    Test User1 meets 4 of these requirements and try to migrate this password.

    Test User2 meets 3 of these requirements and try to migrate this password.
    Test User2 meets 4 of these requirements and try to migrate this password.

    Then check if you can migrate them successfully.

    Should you have any question or concern, please feel free to let us know.

    Best Regards,
    Daisy Zhou

    ============================================

    If the Answer is helpful, please click "Accept Answer" and upvote it.

  2. Daisy Zhou 19,276 Reputation points Microsoft Vendor
    2021-06-18T09:27:28.917+00:00

    Hello anonymous user,

    I have tested it in my lab, and I can migrate user with meet 3 of these requirements.

    1-Set up FGPP in source domain and target domain.

    2-Create user account and password.

    3-Apply the user to use FGPP.

    4-I can migrate this user.

    Are my steps the same as yours?

    Should you have any question or concern, please feel free to let us know.

    Best Regards,
    Daisy Zhou

    ============================================

    If the Answer is helpful, please click "Accept Answer" and upvote it.

  3. Daisy Zhou 19,276 Reputation points Microsoft Vendor
    2021-06-21T03:32:12.82+00:00

    Hello anonymous user,

    Thank you for your update.

    Hope everything goes well in the future.

    Should you have any question or concern, please feel free to let us know.

    Best Regards,
    Daisy Zhou

    ============================================

    If the Answer is helpful, please click "Accept Answer" and upvote it.

    0 comments