Is it possible to configure QMM to ignore password policy when synchronizing a password?

You can force QMM to try - which is basically what's going on. You can't force Active Directory to accept though. QMM can work with what AD lets it do - so it's not something you can force QMM to do, it's something you can tell AD to allow - which is to say you'd have to tell AD to relax its policies. There's nothing QMM can tell AD that will "convince" AD to do it. 

Can you confirm that with Dev? For instance, when we reset a password in ADUC, we can violate the history requirement. Is there any way to force QMM to do an "administrative" password reset, using the syncing password?

Can you confirm that with Dev? For instance, when we reset a password in ADUC, we can violate the history requirement. Is there any way to force QMM to do an "administrative" password reset, using the syncing password?

Don

Password history can be your pain point. It is maintained independently in both directories. So yes, you can reset the password and violate the history, but the sync can't. 

As you know, we sync/migrate the password HASH. So there is no way complexity can be validated. It is only blank password and history that is the issue. If the DC will not commit the "write" of the password, there is nothing we can do. They would need a solution that capture the password changes on the DC it is being changed and apply that change to the target directory. Something like One Identity Password Manager would fit that bill. 

Hey Jeff!

Forgive my ignorance with One Identity Password Manager. Are you saying that OIPM can "sync" the passwords regardless of the history on the target account? If so, is this an on-going sync, or is it a manual process?

Yes there are two method that password can be replicated using Password Manager. So that would be what I would add if there was a need for bi-directional password replication is near real time.