Hi,

I have to syncronize the data between the Business Units of my Company with the central Platform.

At that moment I have a domain at my Business unit and another Domain at the platform.

I have to migrate all the users and computers from the BU to the platform and then install an RODC at the business unit which will have the data of the platform(read only). The only problem is that the users of the business unit are present in the AD local but also on the AD of the platform. In the AD local I have the users and computers but on the AD of the platform I have only the users, that were created because some applications needed this.

My question is: how can I do the migration so that I won't have two times the users. Can I migrate the computers and assign them the users that are already on the AD of the platform? Is there any other solution for this type of migration?

I thought to migrate the domain of the business unit to be in the same domain as the platforms (uninstalling the AD of the BU and then nmigrate it as a member server for the platform and then reinstall the AD. The only problem is the users which are already on the platform.

Any help would be apreciated!

Hi Amrida,

Based on my understanding, you want to migrate your computer accounts from BU(Business Units) to CP( Central Platform), right?

If it is in this case, you may use ADMT to migrate Workstations and Member Servers from the source domain to the target domain.

https://technet.microsoft.com/en-us/library/cc974402(v=ws.10).aspx

For the user accounts, may I ask  does the two domain user account have the same samaccount?

If you have a samaccountname conflict, you need to change the source or target account first.  If it is the same user, you can merge them.

Please first read the thread discussed before.

https://social.technet.microsoft.com/Forums/windowsserver/en-US/642eb4ca-93da-45f4-8e6a-4f172ef32c04/migrating-same-user-from-differents-domains-with-admt-32?forum=winserverDS

Then you may refer to the step by step guides.

https://blog.thesysadmins.co.uk/admt-series-9-merging-users-with-a-different-samaccountname.html

Best Regards,

Mary Dong

Hi Mary,

Thank you for your answer.

In fact we want to do a synchronization between the bussiness units and the platform, so that a copy of the AD of platform will be on the RODC of the business unit. But before we should do a migration between the old domain and the new domain.

All the users of all business units should be on the central platform and the replication of the central platform should be done to the RODC of the business units.

That's all about it but I find it a little bit difficult because I am a beginner and I have no feedback from anybody here, because they are busy.

Kind regards,

R

Hi Amrida,

Thanks for your reply.

According to your description, you want to demote the previous domain controller in bussiness units. And promote to a RODC and make it synchronization with DC in central Platform, right?

If so, you need to do the migration first as I mentioned before. And make sure you all data have been migrated. And then you could promote the RODC in BU. And after promoting, there is replication between domain controllers, they could be synchronization. And for more details about replication, the article below might be helpful. You could also take a look.

Active Directory Replication

https://technet.microsoft.com/en-us/library/Dd277429.aspx

Forcing Replication

https://technet.microsoft.com/en-us/library/Cc794809(v=WS.10).aspx

Best Regards,

Mary Dong

Hi Mary,

I have only one more question.When I am doing the migration from one domain to another with ADMT, does the desktop profile maintain its settings?

Many thanks,

Regards

Hi Mary,

I have another issue.

The users on the central platform have different passwords than those from the Business Unit.

Also there are for example sharepoint servers in local business unit which need to be migrated also to the platform.

After the migration, with ADMT, will the user be able to log in the sharepoint portal with the Platform user's password?

Thanks in advance,

Kind regards,

Hi Amrida,

During the User account migration you will have the option to migrate passwords from the source domain user accounts to the target domain. If you choose to use this feature, you may read about the articles.

https://blog.thesysadmins.co.uk/admt-series-4-password-export-server.html

And about user profile migration, you could also use ADMT migration tool. And refer to the article for more details

https://technet.microsoft.com/en-us/library/cc974331(WS.10).aspx

Best Regards,

Mary Dong

Hi,

So I cannot keep the password of the target DC, from what I can see.

How I will be able to acess the server application like Sharepoint(that are also migrated into the new domain) if I am going to change the user's password ?

Also do you know how can I get a version of ADMT. I have already 2 days since I am looking for a 64 bits version and I am not finding: https://connect.microsoft.com/site1164/Downloads/DownloadDetails.aspx?DownloadID=53422

Kind regards

Hi Amrida,

Please check the article about Enabling Migration of Passwords

https://technet.microsoft.com/en-us/library/Cc974435(v=WS.10).aspx

You could dowload the Active Directory Migration Tool (ADMT) Guide: Migrating and Restructuring Active Directory Domains as a reference

http://www.microsoft.com/en-us/download/details.aspx?id=19188

And ADMT v3.2 has been updated and re-released at https://connect.microsoft.com/site1164. To download the tool, you will need to sign in to the Connect site and sign up for the "Azure AD connection program."

Best Regards,

Mary Dong