On 18 Nov 2008, at 15:41, Hugo Etievant wrote: > hello, > > The admin Guid says that : "Make sure that the Active Directory > password complexity policies are enabled so that the *Password Sync* > service will run. Run |secpol.msc|, and select *Security Settings*, > then *Account Policies*, and *Password Policy*. Make sure that | > Password must meet complexity requirements| is selected. " ( cf http://www.redhat.com/docs/manuals/dir-server/ag/8.0/Windows_Sync-Configuring_Windows_Sync.html > ) > > I done the installation same as required. > > But after a week, I have reconfigured Active Directory and > unactivate the "|Password must meet complexity requirements|" > attribute. > Windows Sync continue to work without problem : new very simple > password (for example, password identical to login) are synchronized > between AD and FDS. > > Why the Admin Guide says this attribute is mandatory ? The facts > show that it is not ! > > Is it a bug ? > > > The |complexity requirements are too much complicated for my users > (and are no configurable), i must unactivate it.| Based on my experiments, you don't have to have complexity requirements turned on in AD and FDS but it would be a good idea to ensure any requirements are the same in both. Otherwise some passwords might work and others not. You can turn off the requirement in FDS - I don't remember where and don't have access to my system right now - but try right clicking in the directory console at the userRoot, I think there is something about this in the menu. John
