Remove From My Forums

Moving users and computers in domain

Question
0

Sign in to vote

Hello,

I did some research online, but wanted to get opinions on
here as well. I work for a company doing some moving around. We have 4 stores,
each store has a domain controller. It’s a single forest multi domain setup. We
are getting ready to move all of the pc’s and users from store A over to store
B. Do I need to take them off the A domain, and then when I physically get
there pc’s up and going at store B, just add them as new users in the B domain?
Or is it as easy as moving the user and computer from within active directory
from store A to store B? If so, does it matter when I do move them in active
directory? For example would it matter if I physically move the computer first,
and then after firing it up at store B, I then move the user and computer in
active directory? Its my first move and figured I would get a little help.
Thanks in advance…

Monday, February 20, 2012 1:01 PM

Answers

0

Sign in to vote
Note that movetree is limited to user accounts only (it does not apply to computers) - and it requires use of additional scripts/procedures to move user associated data. This also complicates your tasks if you need to reverse the process. In my opinion, this is more streamlined (and better documented) when using ADMT - but YMMV - so you might wan to give each a try before you decide...

hth
Marcin
- Marked as answer by hoosier1077 Monday, February 20, 2012 2:19 PM
Monday, February 20, 2012 1:47 PM

All replies

0

Sign in to vote

There is two method one is manual task simply disjoin the computer in one domain and re-join it to the another domain. The other option is performing migration of the users/groups/computer using migration tools like ADMT or Quest which will automatically join system to the new domain during migration.

The both method have pros and cons, if you take a manual route it depnds number of the system, if its fairly large using migration tool is pretty much recommended. But, if you have small subset of machine or users, manually joining the machine and creating the users could be simpler. You can remotely join the system to the domain using netdom and PSEXEC tools to remote execute domain join.

Also, provide some more details of the requirements.

Regards

Awinish Vishwakarma

MY BLOG: awinish.wordpress.com

This posting is provided AS-IS with no warranties/guarantees and confers no rights.

Monday, February 20, 2012 1:10 PM
0

Sign in to vote

Hello,

you can either move them manual as you already stated, which involves the creation of new user accounts/passwords etc. and also creates new profiles on the moved computers, without accessto the old one OR you use ADMT(free from Microsoft) or Quest Migration tool(not free).

But Quest or ADMT requires testing in a lab before to get familiar with all steps.

Best regards

Meinolf Weber
MVP, MCP, MCTS
Microsoft MVP - Directory Services
My Blog: http://msmvps.com/blogs/mweber/

Disclaimer: This posting is provided "AS IS" with no warranties or guarantees , and confers no rights.

Monday, February 20, 2012 1:13 PM
0

Sign in to vote

Based on your description, it appears that each store represents a separate AD domain - is this correct? If this is the case, than the least intrusive way to accomplish your goal would be to perform intra-forest migration of users/computers. This is typically accomplished by using migration tools - such as freely downloadable ADMT. The migration process is fullly described in the documentation that accompanies the download at http://www.microsoft.com/download/en/details.aspx?id=8377

You might need to use an earlier version - depending on the OS version of your domain controllers - so make sure you check the prerequisites

hth
Marcin

Monday, February 20, 2012 1:15 PM
0

Sign in to vote
Hi,

If you want to move users from one domain to another in the same forest you can use the MoveTree command.

If you want to move user from one domain to another in other forest, you can use the ADMT tool.

Best regards;

Best Regards Don't forget to mark it as answer if it helps
- Edited by Maher Riahi Monday, February 20, 2012 1:19 PM
Monday, February 20, 2012 1:15 PM
0

Sign in to vote

As far as I recall, you can not use MoveTree to move computer objects...

This does apply, if you want to move user objects only - although there is additional work involved in order to deal with associated configuration/data

hth
Marcin

Monday, February 20, 2012 1:28 PM
0

Sign in to vote

You can move computers objects by using netdom command.

Best regards
Best Regards Don't forget to mark it as answer if it helps

Monday, February 20, 2012 1:42 PM
0

Sign in to vote

Thanks for getting back to me everyone... It looks like the movetree command might be my best bet since Im in a single forest environment. If I was doing just a handfull of users, is it possible just to right click on the user and computer and select "move", and then navigate to the domain at store B and drop them in an OU on that domain?

Monday, February 20, 2012 1:43 PM
0

Sign in to vote
Note that movetree is limited to user accounts only (it does not apply to computers) - and it requires use of additional scripts/procedures to move user associated data. This also complicates your tasks if you need to reverse the process. In my opinion, this is more streamlined (and better documented) when using ADMT - but YMMV - so you might wan to give each a try before you decide...

hth
Marcin
- Marked as answer by hoosier1077 Monday, February 20, 2012 2:19 PM
Monday, February 20, 2012 1:47 PM
0

Sign in to vote

I agree, if its a bunch of users/computers, do it manually if the count is large using migration tool like ADMT or Quest is better option. Also, there is no option of right click and move to different forest/domain with built in AD-tools until you plan to choose migration tools.

http://awinish.wordpress.com/tag/admt/

Regards

Awinish Vishwakarma

MY BLOG: awinish.wordpress.com

This posting is provided AS-IS with no warranties/guarantees and confers no rights.

Monday, February 20, 2012 1:50 PM
0

Sign in to vote

Thanks again, I did some research on admt and that does look like the way to go. Last question... When using admt to move users and computers, will the trasfered users group policy update to whatever domain B has? Right now the computers on domain A have assigned app installs pushing from gpo, so if I use admt and transfer those users and computers, will those gpo's dissapear from the user and computer after transfer, and start suing the gpo applied from domain B which they are now in?

Monday, February 20, 2012 2:10 PM
0

Sign in to vote
GPOs are linked to OUs - so if you want them to apply to users/computers following the migration, link them to the target OUs (where migrated user accounts will reside)

hth
Marcin
- Proposed as answer by Prashant Girennavar Monday, February 20, 2012 2:17 PM
Monday, February 20, 2012 2:11 PM
0

Sign in to vote

Thanks everyone for the help....

Monday, February 20, 2012 2:19 PM
0

Sign in to vote

Agree with Marcin,

You can use copying option in GPO.Below is the link.

http://technet.microsoft.com/en-us/library/cc785343(v=ws.10).aspx

http://www.windowsitpro.com/article/domains2/how-can-i-copy-a-gpo-from-one-domain-to-another-

Regards,

_Prashant_
MCSA|MCITP SA|Microsoft Exchange 2003 Blog - http://prashant1987.wordpress.com

Monday, February 20, 2012 2:20 PM
0

Sign in to vote

Im hoping this thread is still open for one more question.... When im ready to do the user and computer migration, should the user have the pc and and runnning on the source network/domain, or the destination domain that im moving them to? Thanks.

Friday, February 24, 2012 12:52 AM
0

Sign in to vote

Yes, PC should be online and accessible esp admin$ shares while migrating in the source domain. Post migration PC will reboot twice to become part of the target domain.

Regards

Awinish Vishwakarma
MY BLOG: awinish.wordpress.com
This posting is provided AS-IS with no warranties/guarantees and confers no rights.

Friday, February 24, 2012 5:24 AM

Products

Resources

Solutions

Updates

Trials

Related Sites

Training

Certifications

Other resources

Support options

More support

Not an IT pro?

Answered by:

Moving users and computers in domain

Question

Answers

All replies