I have an Active Directory domain with a one-way synchronization with
eDirectory ( using the AD Driver in IDM 3.0.1. One way from eDir
to AD. Because of some problem I had with the AD driver, I ended up with
some account whose AD password got out of synch with the eDir password. I
thought I could fix the issue by removing the driver dirxml association
for those particular users and force a migration, however that did not
work. I ended up having to ask the user to do a password reset.

Is there a way to avoid having to ask a user to reset a password when
something like this happens? I know if I delete the account in AD and
force a migration, the password will get synchronized correctly, however,
I cannot delete my AD accounts because of files/directories ownerships.