Re: Change domain
In news:4B52546D-5D4E-42D9-BCD6-3C7C31FD5A54@microsoft.com,
John Holt <johnh@regionv.k12.mn.us> typed:
> Hi guys,
>
> Got a good one for ya. 
> I have a couple of users that are in a domain and I want to move them
> to another domain. I want to do it as painless as possible to them. Would
> be nice if they could use the same profile on their
> workstation. That's the kicker. How can I move them and use the
> same profile under Documents and Settings as they always have,
> preserving all their register entries for the various programs they
> use???
> Thanks,
> John
The following is from an old post I made years ago. Kind of dated because
ADMT is now up to ver 3. However, the steps are virtually the same.
Basically you want to migrate the user, group and computer accounts along
with the users' SIDHistory. Using this method the new users in the other
domain will be able to use their original profiles. You can also use
password migration. Read the docs with ver2 and ver3 on how to set that up.
-----Original Message-----
From:
Sent: Fri 1/10/2003 12:05 AM
To:
Cc:
Subject: ADMT steps, refined with links
Read this about migration using ADMT. The idea is the same as W2k to W2k:
Domain Migration Cookbook - Chapter 10 Consolidation of Windows NT 4.0
Resource Domains:
http://www.microsoft.com/technet/prodtechnol/windows2000serv/deploy/cookbook/cookch10.asp
ADMT 2.0:
http://www.microsoft.com/downloads/details.aspx?FamilyID=788975b1-5849-4707-9817-8c9773c25c6c
ADMTv3:
http://www.microsoft.com/downloads/details.aspx?FamilyID=6f86937b-533a-466d-a8e8-aff85ad3d212
How to use ADMTv2:
http://support.microsoft.com/kb/326480
ADMT v3 Migration Guide:
http://www.microsoft.com/downloads/...70-3BBB-4B9E-A8BC-01E9F7EF7342&displaylang=en
835991 How to use a SID mapping file with the ADMT tool to perform a
resource domain migration to Windows Server 2003:
http://support.microsoft.com/default.aspx?scid=kb;EN-US;835991
Also here is more info from a post worth reading with lots of additional
info like transferring files keeping the DACLS, info about SID mapping,
http://www.tech-archive.net/Archive...indows.server.migration/2006-10/msg00019.html
Steps:
Setup
1. Create a two way trust between source and target domains.
2. Install ADMTv2 or v3 will create and configure the TCPClientSupport reg
settings on target and source and create the DOMAIN$$$ group on the source.
If using ADMT v1.0, follow these steps to configure the above. It is for NT4
to W2k, but the procedure is the same:
http://support.microsoft.com/default.aspx?scid=KB;en-us;q260871
Then
(Choose one of the target domain controllers to perform the following tasks)
1. Logged on target, migrate users acccounts (including associated groups).
Include the SIDHistory.
2. Logged on target, migrate group accounts (the ones that the above didn't
get).
3. Logged on source (from target), migrate computer accounts. ADMT will send
out an agent that will install on all client machines that are joined to the
domain. The client machines will automatically be moved to the new domain
and it will preserve the local profiles and move them with the new account
name.
4. Logged on target, run the security translator from ADMT.
5. If going from NT4 to W2k AD, before upgrading, correctly set the Primary
DNS Suffix.
Obviously you may want to test the migration on your own workstation or a
test workstation so you know what's involved.
Hope it helps.
--
Regards,
Ace
This posting is provided "AS-IS" with no warranties or guarantees and
confers no rights.
Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT,
MVP Microsoft MVP - Directory Services
Microsoft Certified Trainer
For urgent issues, you may want to contact Microsoft PSS directly. Please
check
http://support.microsoft.com for regional support phone numbers.
Infinite Diversities in Infinite Combinations