Mirgate objects to other domain using ADMT (Full)
11.3 هزار بار بازدید -
6 سال پیش
-
Mirgate objects to other domain
Mirgate objects to other domain using ADMT (full)
1. Prepare
- DC1 : Domain Controller(Yi.vn - Source Domain), IP 10.0.0.1 (OS Windows Server 2016) | WIN101 : Domain Member(Yi.vn) | Turn off local Firewall at all
- DC37 : Domain Controller(Yz.vn - Target Domain), IP 10.0.2.37 (OS Windows Server 2019) | DC254 : Routing Server, IP 10.0.0.254. 10.0.2.254 |
- Software : ISO Windows 2019, SQL 2012, ADMT(admtsetup32.exe), Password Export Server (pwdmig.exe)
2. Step by step : Mirgate Users, Groups, Computers from Yi.vn to Yz.vn using ADMT ###----******************** microsoftlab ********************-------- ###
- DC1 : Trust to Yz.vn (do the same DC37)
- DC37 : Install require for ADMT
+ Install .Net Framework 3.5, SQL Server 2012, ADMT(admtsetup32)
+ Create an encryption key :
+ Start - Right-click cmd - Run as Administrator - Type : admt key /option:create /sourcedomain:Yi.vn /keyfile:C:\PES.pes /keypassword:*
+ Type the password for 'Yi.vn': Type password
+ Confirm password for 'Yi.vn' : Confirm password + Install Password Export Server :
+ Double-Click pwdmig.exe - ... - Encryption file : Browse to C:\PES.pes - Type password and confirm - Install - Choose "Local System account" - Finish - Restart
+ Start - Services.msc - Double-click "Password Export Server Service" - Start
- DC1 : Add Yz\Administrator into Yi\Administrators, add Yz\Administrators into local Administrators group via GPO and install Password Export Server service
+ Server Manager - Tools - Active Directory Users and Computers - Yi.vn - Builtin - Double-click Administrators - Member tab - Add... - Locations... - Yz.vn - Administrator
+ Server manager - Tools - Group Policy Management - Right click "Default Domain policy" : Edit - Computer Configuration - Polices - Windows Setting - Security Settings
- Right-click "Restricted Groups" - Add Group... : Administrators - Members of this group - Add... - Browse... - Add "Domain admins" and Yz\Administrator - OK
+ Start - cmd - gpupdate /force
+ Copy file PES.pes from DC37, install Password Export Server service and start service
- DC37 : Migrate objects belong Yi.vn to Yz.vn
+ Server Manager - Tools - Active Directory Migration Tool :
+ Migrate Users - Right-click 'Active Directory Migration Tool' - User Account Migration Wizard :
+ Source : Domain : Yi.vn, Domain controller : DC1.Yi.vn
+ Target : Domain : Yz.vn, Domain controller : DC37.Yz.vn - Choose "Select users from domain" - Add... : HiepSale;VietSale;NamSale - Target OU : - Browse...
- SaleYz OU - Password Options : Choose "Migrate passwords", Password migration source DC : DC1.Yi.vn
- Account Transition Options : Target Account State : Choose "Target same as source", Source Account Disabling Options : Select 'Day until source account expires' : 30
- User Options : Select "Update user rights" - Conflict Management : Choose "Do not migrate source object if a conflict is detected in the target domain" - Finish - View Log
+ Migrate Group - Right-click "Active Directory Migration Tool" - Group Account Migration Wizad :
+ Source : Domain : Yi.vn, Domain controller : DC1.Yi.vn
+ Target : Domain : Yz.vn, Domain controller : DC37.Yz.vn - Choose "Select groups from domain" - Add... - GroupSale - Target OU : - Browse... - SaleYz OU
- Group Options : Select "Fix membership of group" - Finish - View Log
+ Migrate Computers - Right-click "Active Directory Migration Tool" - Computer Migration Wizard :
+ Source : Domain : Yi.vn, Domain controller : DC1.Yi.vn
+ Target : Domain : Yz.vn, Domain controller : DC37.Yz.vn - Choose "Select computers from domain" - Add... : WIN101 - Target OU : - Browse... - IT OU - Translate Objects : Select all
- Security Translation Options : Add - Computer Options : Minutes before computers restart after wizad completion : 0
- Conflict Management : Choose "Do not migrate source object if a conflict is detected in the target domain" - Finish - Close
+ Active Directory Migrate Tool Agent Dialog - Agent Actions : Choose "Run pre-check and agent operation" - Start
- WIN101 : Check agent then restart - Logon using account belong Yz.vn === OK
1. Prepare
- DC1 : Domain Controller(Yi.vn - Source Domain), IP 10.0.0.1 (OS Windows Server 2016) | WIN101 : Domain Member(Yi.vn) | Turn off local Firewall at all
- DC37 : Domain Controller(Yz.vn - Target Domain), IP 10.0.2.37 (OS Windows Server 2019) | DC254 : Routing Server, IP 10.0.0.254. 10.0.2.254 |
- Software : ISO Windows 2019, SQL 2012, ADMT(admtsetup32.exe), Password Export Server (pwdmig.exe)
2. Step by step : Mirgate Users, Groups, Computers from Yi.vn to Yz.vn using ADMT ###
- DC1 : Trust to Yz.vn (do the same DC37)
- DC37 : Install require for ADMT
+ Install .Net Framework 3.5, SQL Server 2012, ADMT(admtsetup32)
+ Create an encryption key :
+ Start - Right-click cmd - Run as Administrator - Type : admt key /option:create /sourcedomain:Yi.vn /keyfile:C:\PES.pes /keypassword:*
+ Type the password for 'Yi.vn': Type password
+ Confirm password for 'Yi.vn' : Confirm password + Install Password Export Server :
+ Double-Click pwdmig.exe - ... - Encryption file : Browse to C:\PES.pes - Type password and confirm - Install - Choose "Local System account" - Finish - Restart
+ Start - Services.msc - Double-click "Password Export Server Service" - Start
- DC1 : Add Yz\Administrator into Yi\Administrators, add Yz\Administrators into local Administrators group via GPO and install Password Export Server service
+ Server Manager - Tools - Active Directory Users and Computers - Yi.vn - Builtin - Double-click Administrators - Member tab - Add... - Locations... - Yz.vn - Administrator
+ Server manager - Tools - Group Policy Management - Right click "Default Domain policy" : Edit - Computer Configuration - Polices - Windows Setting - Security Settings
- Right-click "Restricted Groups" - Add Group... : Administrators - Members of this group - Add... - Browse... - Add "Domain admins" and Yz\Administrator - OK
+ Start - cmd - gpupdate /force
+ Copy file PES.pes from DC37, install Password Export Server service and start service
- DC37 : Migrate objects belong Yi.vn to Yz.vn
+ Server Manager - Tools - Active Directory Migration Tool :
+ Migrate Users - Right-click 'Active Directory Migration Tool' - User Account Migration Wizard :
+ Source : Domain : Yi.vn, Domain controller : DC1.Yi.vn
+ Target : Domain : Yz.vn, Domain controller : DC37.Yz.vn - Choose "Select users from domain" - Add... : HiepSale;VietSale;NamSale - Target OU : - Browse...
- SaleYz OU - Password Options : Choose "Migrate passwords", Password migration source DC : DC1.Yi.vn
- Account Transition Options : Target Account State : Choose "Target same as source", Source Account Disabling Options : Select 'Day until source account expires' : 30
- User Options : Select "Update user rights" - Conflict Management : Choose "Do not migrate source object if a conflict is detected in the target domain" - Finish - View Log
+ Migrate Group - Right-click "Active Directory Migration Tool" - Group Account Migration Wizad :
+ Source : Domain : Yi.vn, Domain controller : DC1.Yi.vn
+ Target : Domain : Yz.vn, Domain controller : DC37.Yz.vn - Choose "Select groups from domain" - Add... - GroupSale - Target OU : - Browse... - SaleYz OU
- Group Options : Select "Fix membership of group" - Finish - View Log
+ Migrate Computers - Right-click "Active Directory Migration Tool" - Computer Migration Wizard :
+ Source : Domain : Yi.vn, Domain controller : DC1.Yi.vn
+ Target : Domain : Yz.vn, Domain controller : DC37.Yz.vn - Choose "Select computers from domain" - Add... : WIN101 - Target OU : - Browse... - IT OU - Translate Objects : Select all
- Security Translation Options : Add - Computer Options : Minutes before computers restart after wizad completion : 0
- Conflict Management : Choose "Do not migrate source object if a conflict is detected in the target domain" - Finish - Close
+ Active Directory Migrate Tool Agent Dialog - Agent Actions : Choose "Run pre-check and agent operation" - Start
- WIN101 : Check agent then restart - Logon using account belong Yz.vn === OK
6 سال پیش
در تاریخ 1397/09/05 منتشر شده
است.
11,338
بـار بازدید شده