When attempting to synchronize password hash from one Active Directory domain to another the following error is displayed in the One Identity Quick Connect Administration Console:
Synchronization steps aborted. Details: Cannot read password hash value for the following object: CN=username,OU=OUname,DC=domain,DC=com Access is denied
By default the Quick Connect Capture Agent Service runs as the local system account. If this is changed to a domain user that does not have sufficient rights the error will be presented in Quick Connect when attempting to synchronize password hash.
Please ensure to set the Quick Connect Capture Agent Service to run as the local system account. Ensure to restart the Quick Connect Capture Agent Service once the change has been completed.