Security Translation – Local Profiles and things to consider for end user experience

The last bit of any migration project is to keep the end user experience as simple and smooth as possible. So, by now we have successfully migrated the groups, migrated the users keeping their mailboxes intact and providing them access to all their resources using SID history. As the last bit of the migration I would like to discuss about few things that should be considered from an end user’s perspective to make their experience good when they login to the new domain.… [Keep reading] “Active Directory User Migration in Hybrid Exchange Environment Using ADMT – Part6”

Users Migration

The gun seems to be pretty much loaded with all the ammunition, ready to fire? Probably not yet …

Here I want to discuss about few basic things that are easily missed and can cause the migration to fail or go wrong. Few things worth noting down before getting into the migration:

• Make sure you have a plan to provide the permissions of file shares that built-in groups in source domain have access to.

Active Directory Groups

Now that we have got our both the AD environments ready to start the migration and installed all the required tools, let’s start moving the objects over. To ensure that we have the proper security structure in place before users are migrated to target domain, we’ll be dealing with Active Directory groups before migrating any of the user objects.

So, what is an AD group? How is the security structure controlled by these groups?… [Keep reading] “Active Directory User Migration in Hybrid Exchange Environment Using ADMT – Part4”

Installation and configuration of ADMT tool and Password Export Server

Now that we have got our active directories in both source and target domain ready for migration, let’s install the tools required for migration.

ADMT Migration Account

The ADMT service account needs to have administrative rights in both source and target domains. It’s a good idea to create a user specifically for the ADMT Migration, however you may still use an existing user if desired. A single service account will be used for the entire migration:

• In the target domain, create an administrator account

Target Domain:

• In the source domain add the same user to the built-in Administrators group (it can’t be added directly to domain admins group).

Configuring source and target domains

In the previous post of this series I discussed about the tasks involved in migrating a user from a domain to another in a hybrid exchange environment. Now let’s get down to the nitty-witty of migration.

Before getting into moving the users across to target domain, there are few things that need to be installed and configured in both source and target domain. Let’s start by looking at the configuration steps for source and target domains.… [Keep reading] “Active Directory User Migration in Hybrid Exchange Environment Using ADMT – Part2”