none
File server Migrations from ADMT tool

    Question

  • hi guys. we are planning to migrate file server from one forest to another. for that , I will be using ADMT tool and want to verify below things.

    Source Forest - contoco.local     - File server - FS01.contoso.local

    user name - user01( user01@contoso.local - UPN )

    user name - user02( user02@contoso.local - UPN )

    user name - user03( user03@contoso.local - UPN )

    user name - user04( user04@contoso.local - UPN )

    Destination forest and domain

    New Forest - mycompnay.com     - File server - FS01.mycompnay.com  ( File Server will be migrated to Root Domain)

    Child Domain 01-     abc.mycompnay.com

    Child Domain 02-     xyz.mycompnay.com

    Child Domain 03-     pqr.mycompnay.com

    user name - user01( user01@mydomain.com - UPN )   - will be moved to root domain

    user name - user02( user02@abc.mydomain.com- UPN )   - will be moved to first child domain

    user name - user03( user03@xyz.mydomain.com - UPN ) - will be moved to second child domain

    user name - user04( user04@pqr.mydomain.com- UPN ) - will be moved to third child domain

    I have following doubts to be clarified and if some one can help, much appreciate.

    1: once i move users( all 01,02,03,04 ) to their new child domain and before move file server to new forest, will all users have same file servers assess permissions. as we know, if we move users with SID History, root domain users will have access through SID history, will this will be same even if we move users to child domain(Hope SID history will rain for child domain users as well )

    2: once i move users( all 01,02,03,04 ) to their new child domain and after move file server to new forest(root Domain ), will all users have same file servers assess permissions. ( assuming we will use add permissions option from security translation wizard )- File Server will be moved to root domain and user (02,03,04 ) will be in child domains

    3: This file Server has around 60 TB DATA, will there any limitations for this kind of file Server migration through ADMT Tool

    Thank you

    Indunil 

    Tuesday, March 21, 2017 5:47 AM

All replies

  • Hi

     You can use ADMT to migrate AD resources,like users,computers,groups,etc..So for your needs you should migrate users to new domain with SID history first.Then you can migrate file shares&server with robocopy (include ntfs permissions.)As a result user should be migrate new domain with their current sid and permissions..

    Robocopy;https://technet.microsoft.com/en-us/library/cc733145(v=ws.11).aspx?f=255&mspperror=-2147217396


    This posting is provided AS IS with no warranties or guarantees,and confers no rights. Best regards Burak Uğur

    Tuesday, March 21, 2017 7:22 AM
  • thank you for reply. for sure user will be moved with SID history, but my questions was not answered . I have 3 doubts which has mentioned above.

    1: once i move users( all user01,user02,user03,user04 ) to their new child domain and before move file server to new forest, will all users have same file servers assess permissions. as we know, if we move users with SID History, root domain users will have access through SID history, will this will be same even if we move users to child domain(Hope SID history will remain for child domain users as well )

    2: once i move users( all user01,user02,user03,user04 ) to their new child domain and after move file server to new forest(root Domain ), will all users have same file servers assess permissions. ( assuming we will use add permissions option from security translation wizard )- File Server will be moved to root domain and user (user02,user03,user04 ) will be in child domains

    3: This file Server has around 60 TB DATA, will there any limitations for this kind of file Server migration through ADMT Tool

    Thank you


    • Edited by Indunil Tuesday, March 21, 2017 10:01 AM aa
    Tuesday, March 21, 2017 10:00 AM
  • - when you migrate them using admt with sid history,all users should be access to file share new domain if you also migrate it with robocopy,cause robocopy migrate shares include ntfs permissions.

    - there has a default trust between parent and child domains but to access file share on root domain,you should also configure permissions for users located on child domain.

    - You can use ADMT for AD resource migration,you should use ROBOCOPY for file share migration and afaik there is no limit.


    This posting is provided AS IS with no warranties or guarantees,and confers no rights. Best regards Burak Uğur

    Tuesday, March 21, 2017 9:12 PM
  • do you get any findings on this , cause i am in the same situation and i found that 

    when you make the security translation for file server to migrate from root domain to root domain in another forest

    the admt will add only the user in root domain and will not add any user from child domains

    but users in child domain will still have access with sid history

    Wednesday, December 27, 2017 6:03 AM