Logo
PREGNANCY
Windows XP
Windows Vista
Windows 7
Windows Azure
Windows Server
Windows Phone
 
 
Windows Server

Migrating from Windows Server 2003/2008 to Windows Server 2008 R2 : Multiple Domain Consolidation Migration (part 3) - Migrating Groups & Migrating User Accounts

3/3/2011 10:27:56 PM

Migrating Groups

In most cases, the first objects to be migrated into a new domain should be groups. If users are migrated first, their group membership will not transfer over. However, if the groups exist before the users are migrated, they will automatically find their place in the group structure. To migrate groups using ADMT v3.1, use the Group Account Migration Wizard, as follows:

1.
Open the ADMT MMC snap-in (Start, Administrative Tools, Active Directory Migration Tool).

2.
Right-click Active Directory Migration Tool in the left pane, and choose Group Account Migration Wizard.

3.
Click Next to continue.

4.
Type the source and destination domains, select the source and destination domain controllers, and click Next to continue.

5.
Choose the Select Groups from Domain option, and click Next.

6.
On the subsequent page, you can select the group accounts from the source domain. Select all the groups required by using the Add button and selecting the objects. After you select the groups, click Next to continue.

7.
Enter the destination OU for the accounts from the source domain by clicking Browse and selecting the OU created in the steps outlined previously. Click Next to continue.

8.
On the following page, there are several options to choose from that determine the nature of the migrated groups. Clicking the Help button details the nature of each setting. In the sample migration, choose the settings shown in Figure 2. After choosing the appropriate settings, click Next to continue.

Figure 2. Setting group options.

9.
Enter a user account with proper administrative rights on the source domain on the following page. Then click Next to continue.

10.
The subsequent page allows for the exclusion of specific directory-level attributes from migration. If you need to exclude any attributes, they can be set here. In this example, no exclusions are set. Click Next to continue.

11.
Naming conflicts often arise during domain migrations. In addition, different naming conventions might apply in the new environment. Objects will not be migrated if conflicts occur. Click Next.

12.
The verification page is the last wizard page you see before any changes are made. Once again, make sure that the procedure has been tested before running it because ADMT will henceforth write changes to the target Windows Server 2008 R2 Active Directory environment. Click Finish when you’re ready to begin group migration.

13.
The group migration process then commences. The window shows the migration progress. Click Close when it completes.

The group(s) is (are) now migrated to the new domain.

Migrating User Accounts

User accounts are the “bread and butter” of domain objects and are among the most important components. The biggest shortcoming of older versions of ADMT was their inability to migrate passwords of user objects, which effectively limited its use. However, ADMT v3.1 does an excellent job of migrating users, their passwords, and the security associated with them. To migrate users, follow these steps:

1.
Open the ADMT MMC snap-in (Start, Administrative Tools, Active Directory Migration Tool).

2.
Right-click the Active Directory Migration Tool, and choose User Account Migration Wizard.

3.
Click Next on the Welcome page.

4.
Select the source and target domains on the subsequent page, and click Next to continue.

5.
Choose the Select Users from Domain option, and click Next.

6.
The following page allows you to choose user accounts for migration. Just click the Add button and select the user accounts to be migrated. After you select all the user accounts, click Next to continue.

7.
The next page allows you to choose a target OU for all created users. Choose the OU by clicking the Browse button. After you select it, click Next to continue.

8.
Select Migrate Passwords and then select the server in the source domain in which the Password Export Server (PES) service was installed. Click Next to continue.

9.
On the Account Transition Options page, leave the default transition options, and click Next.

10.
Enter the account to use when adding SID History, which has to have administrative rights on the source domain. Then click Next.

11.
The subsequent page deals with User Options settings. Click Help for an overview of each option. Select Translate Roaming Profiles. Then click Next to continue.

12.
The next page is for setting exclusions. Specify any property of the user object that should not be migrated here. In this example, no exclusions are set. Click Next to continue.

13.
Naming conflicts for user accounts are common. Designate a procedure for dealing with duplicate accounts in advance and enter such information on the next wizard page. Select the appropriate options for duplicate accounts and click Next to continue.

14.
The following verification page presents a summary of the procedure that will take place. This is the last page before changes are written to the target domain. Verify the settings and click Finish to continue.

15.
The Migration Progress status box displays the migration process as it occurs, indicating the number of successful and unsuccessful accounts created. When the process is complete, review the log by clicking View Log and verify the integrity of the procedure. Click Close when you are finished.

Note

Depending on if other wizards have already been run, there might be additional steps at this point that happen one time only to set up proper Registry settings, reboot DCs, and create special groups.

Other -----------------
- Migrating from Windows Server 2003/2008 to Windows Server 2008 R2 : Phased Migration (part 4) - Upgrading Domain and Forest Functional Levels & Moving AD-Integrated DNS Zones to Application Partitions
- Migrating from Windows Server 2003/2008 to Windows Server 2008 R2 : Phased Migration (part 3) - Moving Operation Master Roles & Retiring “Phantom” Domain Controllers
- Migrating from Windows Server 2003/2008 to Windows Server 2008 R2 : Phased Migration (part 2)
- Migrating from Windows Server 2003/2008 to Windows Server 2008 R2 : Phased Migration (part 1) - Migrating Domain Controllers
- Migrating from Windows Server 2003/2008 to Windows Server 2008 R2 : Big Bang Migration
- Migrating from Windows Server 2003/2008 to Windows Server 2008 R2 : Beginning the Migration Process
 
 
Most view of day
- Windows Server 2012 : Administering Active Directory using Windows PowerShell (part 1) - Managing user accounts with Windows PowerShell
- Managing Windows 7 : Controlling the Power Options
- Microsoft Exchange Server 2010 : Creating and Managing Accepted Domains (part 3) - Changing the Accepted Domain Type and Identifier , Removing Accepted Domains
- Microsoft Excel 2010 : Protecting and Securing a Workbook - Working with Office Safe Modes
- Working with the User State Migration Tool (part 5) - Getting Extra Mileage Out of the USMT
- Windows Phone 8 : Scheduled Tasks - Scheduled Task API Limitations
- Sharepoint 2013 : Branding with the Design Manager (part 2) - Creating a Brand
- Windows Server 2008 R2 : Creating and Administering Hyper-V Virtual Machines (part 1) - Virtual machine disk types
- Windows Server 2003 on HP ProLiant Servers : Assessment of the Enterprise - The Assessment Team
- Integrating BizTalk Server 2010 and Microsoft Dynamics CRM : Communicating from BizTalk Server to Dynamics CRM (part 2) - Configuring the BizTalk endpoints
Top 10
- Configuring and Troubleshooting IPv6 in Windows Vista (part 4) - Troubleshooting IPv6 Connectivity
- Configuring and Troubleshooting IPv6 in Windows Vista (part 3) - Configuring IPv6 in Windows Vista Using Netsh , Other IPv6 Configuration Tasks
- Configuring and Troubleshooting IPv6 in Windows Vista (part 2) - Configuring IPv6 in Windows Vista Using the User Interface
- Configuring and Troubleshooting IPv6 in Windows Vista (part 1) - Displaying IPv6 Address Settings
- Deploying IPv6 : IPv6 Enhancements in Windows Vista
- Games and Windows 7 : Games for Windows - LIVE (part 2) - Accessing Games for Windows - LIVE from within Compatible Games
- Games and Windows 7 : Games for Windows - LIVE (part 1) - Using the Games for Windows - LIVE Marketplace
- Sharepoint 2013 : Client-side Programming - Working with the REST API (part 3)
- Sharepoint 2013 : Client-side Programming - Working with the REST API (part 2) - Working with the REST API in JavaScript
- Sharepoint 2013 : Client-side Programming - Working with the REST API (part 1) - Understanding REST fundamentals
 
 
Windows XP
Windows Vista
Windows 7
Windows Azure
Windows Server
Windows Phone
2015 Camaro