Password Synchronisation

Hello,

I'm trying to understand and validate some information. We have a one-way migration/synchronization from a source domain to a target domain. My questions:

- How does the password sync work? Is it based on the change timestamp? If I change the source password, does it replicate to the target with a full sync?

- Is there a way to fix the password copy sync problems related to the domain password policies (complexity, length)? The problem occurs when the policy is not the same on the target.

- Where can I find the accounts that failed the password complexity?

Thank you

  • The sync process compares the source password to the target password and if the target password is older, the source password will be copied over.

    As far as password policy is concerned, you could create a staging OU in the target with a weaker password policy to allow you to get your objects created in the target without errors. On cutover day, you could tell users to change their passwords to a more complex one when they log in to the target domain. At that point, you can move their accounts to their "correct" regular OUs.

  • During a full sync or migration session, it reads the source and writes the target. During a delta sync, it is based on the same thing AD replication is based on, the USN. So if the password is changed in the source (or read side of a two-way sync) it will be picked up to write to the target (or write side of a two-way sync). By default the pwdLastSet date/time will be compared and if it is newer it will be written. If it is older the password is copied.

    The password policy is not an issue. We do not copy passwords, we copy the password HASH. Only blank passwords fail.
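The reply above says the delta sync decides per account by comparing pwdLastSet between the two domains. A practical way to audit that from the admin side is to pull pwdLastSet from both domains and list the accounts where the source value is newer than the target, is missing, or was never set. The script below is an added example written for this thread; it is not Quest's code and not part of the original posts. It assumes the ActiveDirectory PowerShell module, read access to both domains, that sAMAccountName is identical on both sides (an assumption; the tool's own matching rule is not stated here), and the placeholder DC names shown.

```powershell
# Added example (not from the thread or from Quest): audit pwdLastSet drift between a
# source and a target domain to find accounts whose password sync is pending or failed.
# Assumptions: ActiveDirectory module available, read access to both domains, and the
# same sAMAccountName on both sides. DC names below are placeholders.
param(
    [string]$SourceServer = 'dc01.source.example',   # placeholder source DC
    [string]$TargetServer = 'dc01.target.example',   # placeholder target DC
    [string]$SearchBase   = ''                       # optional OU to restrict the source query
)

Import-Module ActiveDirectory

function Get-PwdLastSetTable {
    param([string]$Server, [string]$Base)
    $query = @{ Server = $Server; Filter = 'Enabled -eq $true'; Properties = 'pwdLastSet' }
    if ($Base) { $query['SearchBase'] = $Base }
    $table = @{}
    foreach ($u in Get-ADUser @query) {
        # pwdLastSet is a Windows FILETIME; 0 means never set / must change at next logon
        $ts = if ($u.pwdLastSet -gt 0) { [DateTime]::FromFileTimeUtc($u.pwdLastSet) } else { $null }
        $table[$u.SamAccountName] = $ts
    }
    return $table
}

$source = Get-PwdLastSetTable -Server $SourceServer -Base $SearchBase
$target = Get-PwdLastSetTable -Server $TargetServer

$report = foreach ($sam in $source.Keys) {
    if (-not $target.ContainsKey($sam))      { $state = 'MissingInTarget' }
    elseif ($null -eq $source[$sam])         { $state = 'SourceNeverSet' }   # blank/unset: the one case the reply says fails
    elseif ($null -eq $target[$sam])         { $state = 'TargetNeverSet' }
    elseif ($source[$sam] -gt $target[$sam]) { $state = 'SourceNewer' }      # change not yet written to the target
    else                                     { $state = 'InSync' }
    [pscustomobject]@{
        SamAccountName   = $sam
        SourcePwdLastSet = $source[$sam]
        TargetPwdLastSet = $target[$sam]
        State            = $state
    }
}

# Show only the accounts that need attention
$report | Where-Object State -ne 'InSync' | Sort-Object State, SamAccountName | Format-Table -AutoSize
```

Run it from a host that can reach a DC in each domain; pass -Credential to Get-ADUser inside the function if the account running the script has no rights in the other forest. The 'SourceNewer' rows are the ones to watch after a delta sync, and 'SourceNeverSet' rows correspond to the blank-password case the reply calls out as the only failure.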

  • Thank you Jeff. If I understood well, if the password does not respect the complexity at the source domain, Quest will keep the same password, so the user can log in to the target domain with the same password... The complexity will apply when he wants to change the password.