I am *very* new to Identity Manager (and its lexicon) and am trying to get
a handle on this very complex product. I have had some success but have
hit a roadblock and am hoping someone can point me in the right direction.

1. I have users with identical usernames in AD and in eDirectory, up until
now they have been maintained as separate entities.

2. I am hoping to create a one-way synch such that AD passwords are sent
and eDirectory will use those passwords for NDS authentication (for
Zenworks agent and Groupwise).

3. I have set up a new eDirectory tree (called VAULT) which has IDM 3.5
installed. I have set up the AD synchronization and have my users
imported into the VAULT.

4. I have set up eDir to eDir synchronization from the VAULT to my
existing tree. However, when I move my users into the container which is
my synchronization base I get errors such as this:

DirXML Log Event -------------------
Driver: \VAULT\Driver\eDirectory Driver
Channel: Subscriber
Object: \VAULT\Test Accounts\DATEST
Status: Error
Message: Code(-9024) Unable to read current state of

From the bit of knowledge I have gleaned from the manuals, I am assuming
it is because the account that was imported from AD (DATEST) is not being
recognized as the same account that already existed in the existing tree.
How can I get the driver to sychronize the passwords for the accounts of
the same name?

I realize that this is probably a very newbie question, but I was hoping
this project would be fairly simple. Hopefully I was right and this will
be a minor hurdle.

Thanks in advance for any help or pointers.