none
Active Directory cross forest migraton and file servers

    Question

  • Team,

    we have upcoming project for cross forest migration and file servers migration also. Please help me with the technical documents, steps guide, prerequisites and  how to perform the following migration activity like users, Computer, Password, Profile migration and File servers has to be migrated to new domain by retaining folder structure, rights/permissions and data using ADMT tools.

    Wednesday, February 15, 2017 3:50 AM

Answers

  • Team,

    we have upcoming project for cross forest migration and file servers migration also. Please help me with the technical documents, steps guide, prerequisites and  how to perform the following migration activity like users, Computer, Password, Profile migration and File servers has to be migrated to new domain by retaining folder structure, rights/permissions and data using ADMT tools.

    What do you want to know my friend when you already know that you have to use ADMT? :)

    OK. Since you are aware that you should use ADMT, I try to give you some methods to ease your process.

    Assuming trusts and permissions are in place, you will need to have identical GPO's in your target domain as your source domain. So it is advised to create same GPOs with same setting and apply them to the same OU hierarchy. In fact I would create the same OU hierarchy to make the migration easier. Once everything is moved, you can re-create your OU hierarchy in your target domain.

    Users are not a big deal. If I am not mistaken you can enable a checkbox in user migration in which their group's will be migrated too. You need to double check that.

    Computes are completely different, because during migration their domain name suffix will be changed so they will have a couple of restarts per PC before completely being migrated. So I guess it is best to do this computer migration during weekends with batch of computers. Say 20 computers a time, then move to next batch. Also since it is a tricky process, you need to make sure that their firewall is turned off temporarily and their AV software is properly configured. I have seen scenarios where the AV software block the RPC or Remote access to them.

    For file servers, make sure to document the ACL permissions because in case the ACL entries are lost, you can re-write them in place so fast.


    Mahdi Tehrani   |     |   www.mahditehrani.ir
    Please click on Propose As Answer or to mark this post as and helpful for other people.
    This posting is provided AS-IS with no warranties, and confers no rights.

    Wednesday, February 15, 2017 7:13 AM
    Moderator
  • Hi,
    Regarding to AD migration, ADMT tool is suggested to do that as you said, and the follow articles are suggested for your reference:
    ADMT Guide: Migrating and Restructuring Active Directory Domains
    https://technet.microsoft.com/en-us/library/cc974332(v=ws.10).aspx
    How to Migrate Users Across Forest (Cross Forest) Using ADMT 3.2 with SID and Passwords
    https://social.technet.microsoft.com/wiki/contents/articles/13904.how-to-migrate-users-across-forest-cross-forest-using-admt-3-2-with-sid-and-passwords.aspx
    Here is an article regarding to use ADMT step by step:
    https://blog.thesysadmins.co.uk/admt-series-1-preparing-active-directory.html
    Please Note: Since the web site is not hosted by Microsoft, the link may change without notice. Microsoft does not guarantee the accuracy of this information.
    File server migration, please refer to: https://social.technet.microsoft.com/Forums/windowsserver/en-US/ca9990f8-812a-4a51-8cb2-92abbebcd53b/migrate-file-server-from-domain-a-to-domain-b?forum=winserverfiles
    Best regards,
    Wendy

    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com

    Wednesday, February 15, 2017 7:15 AM
    Moderator

All replies

  • Team,

    we have upcoming project for cross forest migration and file servers migration also. Please help me with the technical documents, steps guide, prerequisites and  how to perform the following migration activity like users, Computer, Password, Profile migration and File servers has to be migrated to new domain by retaining folder structure, rights/permissions and data using ADMT tools.

    What do you want to know my friend when you already know that you have to use ADMT? :)

    OK. Since you are aware that you should use ADMT, I try to give you some methods to ease your process.

    Assuming trusts and permissions are in place, you will need to have identical GPO's in your target domain as your source domain. So it is advised to create same GPOs with same setting and apply them to the same OU hierarchy. In fact I would create the same OU hierarchy to make the migration easier. Once everything is moved, you can re-create your OU hierarchy in your target domain.

    Users are not a big deal. If I am not mistaken you can enable a checkbox in user migration in which their group's will be migrated too. You need to double check that.

    Computes are completely different, because during migration their domain name suffix will be changed so they will have a couple of restarts per PC before completely being migrated. So I guess it is best to do this computer migration during weekends with batch of computers. Say 20 computers a time, then move to next batch. Also since it is a tricky process, you need to make sure that their firewall is turned off temporarily and their AV software is properly configured. I have seen scenarios where the AV software block the RPC or Remote access to them.

    For file servers, make sure to document the ACL permissions because in case the ACL entries are lost, you can re-write them in place so fast.


    Mahdi Tehrani   |     |   www.mahditehrani.ir
    Please click on Propose As Answer or to mark this post as and helpful for other people.
    This posting is provided AS-IS with no warranties, and confers no rights.

    Wednesday, February 15, 2017 7:13 AM
    Moderator
  • Hi,
    Regarding to AD migration, ADMT tool is suggested to do that as you said, and the follow articles are suggested for your reference:
    ADMT Guide: Migrating and Restructuring Active Directory Domains
    https://technet.microsoft.com/en-us/library/cc974332(v=ws.10).aspx
    How to Migrate Users Across Forest (Cross Forest) Using ADMT 3.2 with SID and Passwords
    https://social.technet.microsoft.com/wiki/contents/articles/13904.how-to-migrate-users-across-forest-cross-forest-using-admt-3-2-with-sid-and-passwords.aspx
    Here is an article regarding to use ADMT step by step:
    https://blog.thesysadmins.co.uk/admt-series-1-preparing-active-directory.html
    Please Note: Since the web site is not hosted by Microsoft, the link may change without notice. Microsoft does not guarantee the accuracy of this information.
    File server migration, please refer to: https://social.technet.microsoft.com/Forums/windowsserver/en-US/ca9990f8-812a-4a51-8cb2-92abbebcd53b/migrate-file-server-from-domain-a-to-domain-b?forum=winserverfiles
    Best regards,
    Wendy

    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com

    Wednesday, February 15, 2017 7:15 AM
    Moderator
  • Just take a backup before proceeding.

    First migrate file server.

    After the migration, if permissions on folders and files are changed, I suggest you use RoboCopy command line tool to mirror the permissions.

    You may refer to following MS articles and I think migration preparation work, migration plan here is also useful for you.

    File Server Migration and ADMT

    File Server Migration ADMT

    File Services Migration Guide
    http://technet.microsoft.com/en-us/library/dd379487(v=WS.10).aspx

    File Services Migration: Preparing to Migrate
    http://technet.microsoft.com/en-us/library/dd392268(v=WS.10).aspx

    File Services Migration: Migrating the File Services Role
    http://technet.microsoft.com/en-us/library/dd379474(v=ws.10).aspx

    Migrating Workstations and Member Servers:
    http://technet.microsoft.com/en-us/library/cc974356(v=WS.10).aspx

    Robocopy /MIR switch – mirroring file permissions:
    http://blogs.technet.com/b/filecab/archive/2008/07/31/robocopy-mir-switch-mirroring-file-permissions.aspx

    Hope this helps!


    Migrate mailboxes, Public Folders, Outlook profiles and rules and GAL etc. to-and-fro Exchange Servers and Office 365 with LepideMigrator for Exchange

    Wednesday, February 15, 2017 7:16 AM
  • Hi,

    I am checking how the issue going, if you still have any questions, please feel free to contact us.

    And if the replies as above are helpful, we would appreciate you to mark them as answers, and if you resolve it using your own solution, please share your experience and solution here. It will be greatly helpful to others who have the same question.

    Appreciate for your feedback.

    Best regards,

    Wendy


    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com

    Monday, February 20, 2017 9:50 AM
    Moderator