15.5 Managing Passwords for Migrated Users

When performing a tree-to-tree migration, you have the option to migrate users into the target server’s eDirectory tree. If you are migrating users, you have two choices for passwords:

  • Generate random passwords for the migrated users (by using the -r option of the migtrustees command). When using this option, you must always pass the --newusers-password-file option so that the randomly generated passwords and user names are stored in the file.

    or

  • Assign a specific password for all migrated users (by using the -s option of the migtrustees command).

If neither -r nor -s is used, users are created without a password and the user accounts are locked until they are manually assigned a password by the administrator, using iManager or other eDirectory management tools. Null passwords (-s "") are not allowed.

The new passwords generated by the -r option are stored in a new file. To avoid password theft, dispose of this file in a secure manner after you have communicated the new passwords to their respective users.