The ADPW.log file contains the error:
"(null) (null) Error 53 The server is not willing to handle directory requests (LDAP_UNWILLING_TO_PERFORM). Cannot modify the entry, dn: 'CN=Test,CN=Users,DC=domain,DC=local'. (ldap_modify_ext_s)."
In some cases the issue can be resolved when applying the MS hotfix on involved DC's, for more details please review the Microsoft KB Article ID: 906381 - "A security principal disappears from the Authorization Manager store of a Windows Server 2003-based trusted child domain after you close and then reopen Authorization Manager":
http://support.microsoft.com/?id=906381
NOTE: Even if it looks that the article describes a different issue it has been confirmed it resolves many migration related issues because migration tools try to add new users to a user group by using their object GUID.
The same error can be found in the History log file which is created after ADPW was executed.
© 2025 Quest Software Inc. ALL RIGHTS RESERVED. Terms of Use Privacy Cookie Preference Center