Mirgate objects to other domain using ADMT (Full)

Mirgate objects to other domain using ADMT (full)

1. Prepare

- DC37 : Install require for ADMT

+ Install .Net Framework 3.5, SQL Server 2012, ADMT(admtsetup32)

+ Create an encryption key :

- DC1 : Add Yz\Administrator into Yi\Administrators, add Yz\Administrators into local Administrators group via GPO and install Password Export Server service

+ Server manager - Tools - Group Policy Management - Right click "Default Domain policy" : Edit - Computer Configuration - Polices - Windows Setting - Security Settings

- Right-click "Restricted Groups" - Add Group... : Administrators - Members of this group - Add... - Browse... - Add "Domain admins" and Yz\Administrator - OK

+ Start - cmd - gpupdate /force

+ Copy file PES.pes from DC37, install Password Export Server service and start service

+ Server Manager - Tools - Active Directory Migration Tool :

+ Migrate Users - Right-click 'Active Directory Migration Tool' - User Account Migration Wizard :

- Account Transition Options : Target Account State : Choose "Target same as source", Source Account Disabling Options : Select 'Day until source account expires' : 30

- User Options : Select "Update user rights" - Conflict Management : Choose "Do not migrate source object if a conflict is detected in the target domain" - Finish - View Log

+ Migrate Group - Right-click "Active Directory Migration Tool" - Group Account Migration Wizad :

- Group Options : Select "Fix membership of group" - Finish - View Log

+ Migrate Computers - Right-click "Active Directory Migration Tool" - Computer Migration Wizard :



- Security Translation Options : Add - Computer Options : Minutes before computers restart after wizad completion : 0

- Conflict Management : Choose "Do not migrate source object if a conflict is detected in the target domain" - Finish - Close

+ Active Directory Migrate Tool Agent Dialog - Agent Actions : Choose "Run pre-check and agent operation" - Start