Active Directory Cross Forest Migration from Active Directory 2003 to Active Directory 2008 – Part 3
Posted by Krishna - MVP on July 24, 2012
This is the last and final part of of Cross forest migration.
Migrating Groups from red.com and green.com
1. Migrating the Global Security Group(Exchange Admins) with the member AD admins
Figure 44. Ad group with another AD group as member for migration
2. Start Active directory Migration tool from Administrative tools and right click on Active directory migration tool to select “group account migration wizard”
Figure 45. Starting Group account migration wizard
3. Select the appropriate source and target domain and appropriate domain controller
Figure 46. Selection source and target domain
4. select the option groups from domain
Figure 47. Selecting the manual group selection option
5. Add the Group Exchange Admin
Figure 48. Adding group exchange Admin for migration
6. Select the target OU where u want to drop the Group object in the target domain
Figure 49. Selecting the target the OU in the target domain
7. Select the option Copy group members, fix membership of group and migration group SIDs to target domain
Figure 50. Option to select to migrate group members along with the group
8. Type the account which has administrative rights on the source domain
Figure 51. providing admin account from the source domain
9. If you have any exclusion attribute then use the option, else click next to continue
Figure 52. Excluding Ad properties if any
10. select the option Do not migrate source object if a conflict is detected in the target domain. Just to make sure conflicting accounts are not merged. If you also have the option to merge users.
Figure 53. Conflict management option
11. Select the option Migrate passwords to migrate passwords for the group members.
Figure 54. Password Migration option for the group members
12. Under Group member Migration option , keep the Target account state as default “Target same as source”. If the source account is disabled then target account will also be disabled and if source account is enabled then the target account will also be enabled.
Figure 55. Selecting target account status after migration
13. Once all the desired options are selected then its time to click on finish and kick the migration process.
figure 56. Completing the group account migration wizard
14. Migration profess will start migrating groups and it group members based on the options selected. Once the migration is completed, logs can be viewed
Figure 57. Migration progress status
15. Log file will give you the group migration details. These log file is very important for verification and troubleshooting purpose.
Figure 58. Migration log details
We have successfully migrated users accounts and groups. ADMT provides various others wizards like
Service account migration Wizard
Computer account migration wizard
Password migration wizard
Security Translation wizard etc.
Figure 59. ADMT Migration Wizard
Once the user accounts are migrated then it’s time to move the mailbox from source to destination. Depending on the target environment you may have to decide the cmdlets to move the mailboxes.
As ADMT is a free tool it can save us some good amount of money but it’s very important to make sure the tool is fully tested in the lab and create the proper process document before starting to migration production users, groups and computers. Happy Migration