Share via

How to Migrate Users Across Forest (Cross Forest) Using ADMT 3.2 with SID and Passwords

  • Article

Once Trust is in place

Open Administrators Group in the Source Forest , Add Administrator of the Target Forest to acquire proper Permissions

Vice Versa

Open Administrators Group in the Target Forest , Add Administrator of the Source Forest to acquire proper Permissions

otherwise you will end up with Access denied errors while Moving Users back and forth

http://careexchange.in/wp-content/uploads/2012/07/image_thumb43.png

Once permission part is done

We have to configure a Password Export Server in the source domain to allow exporting the passwords to the Target domain 

If your Source Domain DC is running a 64 bit Version

Password Export Server version 3.1 (x64)

If your Source Domain DC is running a 32 bit Version

Password Export Server version 3.1 (x86) 

Choose Next

http://careexchange.in/wp-content/uploads/2012/07/image_thumb44.png 

Before you choose next , We need to create a password Encryption file from the Target Domain 

Reference

Enabling Migration of Passwords

http://technet.microsoft.com/en-us/library/cc974435(v=ws.10).aspx 

Open a Command Prompt where ADMT is installed on the Target Domain , Run the Below Command to Create a .pes file

admt key /option:create /sourcedomain:<SourceDomain> /keyfile:<KeyFilePath>

http://careexchange.in/wp-content/uploads/2012/07/image_thumb45.png

Once the File is Created on the Target Domain , Bring the File to the Source domain and Browse for the file 

http://careexchange.in/wp-content/uploads/2012/07/image_thumb46.png

 

http://careexchange.in/wp-content/uploads/2012/07/image_thumb47.png

Click Finish 

Reboot the Server to complete the installation 

Start the “Password Export Server Service” 

http://careexchange.in/wp-content/uploads/2012/07/image_thumb48.png

 Now Open ADMT , Choose User Account Migration Wizard

http://careexchange.in/wp-content/uploads/2012/07/image_thumb49.png

Choose Source Domain and Target domain

http://careexchange.in/wp-content/uploads/2012/07/image_thumb50.png

Now Select users

http://careexchange.in/wp-content/uploads/2012/07/image_thumb51.png

 

http://careexchange.in/wp-content/uploads/2012/07/image_thumb52.png

Choose the Target OU 

http://careexchange.in/wp-content/uploads/2012/07/image_thumb53.png

Choose Migrate Passwords 

http://careexchange.in/wp-content/uploads/2012/07/image_thumb54.png

Choose Target Same as source

Choose Migrate User SIDS to Target Domain 

http://careexchange.in/wp-content/uploads/2012/07/image_thumb68.png

Type User name and Password of the Source domain 

http://careexchange.in/wp-content/uploads/2012/07/image_thumb56.png

Choose Next 

http://careexchange.in/wp-content/uploads/2012/07/image_thumb57.png

Choose Next 

http://careexchange.in/wp-content/uploads/2012/07/image_thumb58.png

Choose Next 

http://careexchange.in/wp-content/uploads/2012/07/image_thumb124.png

 

 http://careexchange.in/wp-content/uploads/2012/07/image_thumb60.png

Great !! 

Now Users with SID and Password have been migrated across forest (Cross forest) Successfully 

Regards

Satheshwaran Manoharan