When performing a tree-to-tree migration, you have the option to migrate users into the target server’s eDirectory tree. If you are migrating users, you have two choices for passwords:
Generate random passwords for the migrated users (by using the -r option of the migtrustees command). When using this option, you must always pass the --newusers-password-file option so that the randomly generated passwords and user names are stored in the file.
Assign a specific password for all migrated users (by using the -s option of the migtrustees command).
If neither -r nor -s is used, users are created without a password and the user accounts are locked until they are manually assigned a password by the administrator, using iManager or other eDirectory management tools. Null passwords (-s "") are not allowed.
The new passwords generated by the -r option are stored in a new file. To avoid password theft, dispose of this file in a secure manner after you have communicated the new passwords to their respective users.