ADMT (Active Directory Migration Tool) Domain Migration – Part 4

KB ID 0001308 

Problem

On the homeward stretch now, back in Part Three, we migrated service accounts, groups, and users. Now we turn our attention to our machines.

Note ADMT 3.2 Only support the migration of Operating Systems up to Windows 7, (that doesn’t mean Windows 8 and Windows 10 wont work, it just means they are not supported). Migrating Windows 8 and 10 throws a lot of security translation errors, because of the way it treats ‘Apps’, so I’d recommend you do a LOT of testing before carrying out a live migration.

Solution

ADMT Computer Security Translation

Migrating computers is a two-step procedure, you do a security translation on a machine, then you migrate the machine. The security translation adds the security for the user(s) in newdomain.com to all the objects (files, folders, user profiles, and registry hives, etc) that their user account in olddomain.com did. like doing the service account migration (above) the plan is to get everything ready to ‘work’ before the machine is migrated.

Real World Note: This can take a while, (up to an hour for some machines,) and it’s best done without anyone being logged in (to prevent any profiles, or registry hives being locked). So take time to plan when this is done – rush it and you will have problems, and the very users who are too busy to be interrupted, are the very ones that shout the loudest if there’s a problem post migration. I would (if possible) have a stock of prebuilt machines on the new domain in case there’s any migration dramas, at least then you can get people working quickly.

This should be getting familiar by now, accept the defaults.

Select your computer(s) > Select all the options > SELECT ADD > Finish.

Agent Note: You are about to deploy the ADMT agent, make sure you have followed part one and part two. This process will be familiar if you carried out the service translation wizard earlier.

Run the pre check, and agent deploy.

What you will find after translation is all the profiles, and files etc will have the new domain users added alongside the old one with the same rights.

ADMT Computer Migration

Now finally to migrate the machines, ADMT > Computer Migration Wizard.

Select the computers.

Select the Target OU > Tick everything > Add > Select the amount of time to wait before rebooting the machine into the new domain.

Hang About Haven’t we done some of this? Yes, but because you have done the security translation already it can see the ACLs exist as it goes through and skips creating them.

As usual I’m not filtering any attributes > I’ll quit if theres a conflict > Migration should then complete.

Can I migrate Servers With ADMT?

Yes, but you need to have a good think about doing so first? For simple file and print servers that should be OK (Obviously back them up first etc). DONT try and do this with an Exchange server, or any other server that relies on Active directory for its very existence! And wherever possible if you can create clean new servers and migrate your data into them do so!

 

What about Microsoft Exchange and User Mailboxes?

I mentioned Exchange briefly on the user migration, Exchange migrations between domains, are possible, depending on your setup it may be easier to export all the mail form the old system and import it into the new one (use the search bar above. I’ve already written a load of stuff about doing this). In the not to distant future I’ll cover Exchange Inter Organisation Mail migrations.

Readers Note:

As with all the articles here, please provide feedback below, if one thing you have found can save another reader sweat and toil, then that’s the very reason for this site! If you have been with this since part one thanks for staying till the end (PL).

Related Articles, References, Credits, or External Links

NA

Can I delete _vti_inf.html and the _vti folders?

KB ID 0000742 

Problem

I was doing some site tidying this week, usually If I don’t know what something is I leave it alone, but I was on a mission! I had a bunch of files/folders in the root of my website, that, a) I didn’t know what they were doing, and b) wanted to delete.

File: _vti_inf
Folders: _private, _vti_bin, _vti_cnf, _vti_log, vti_pvt, _vti_txt

Solution

As it turns out these folders are needed for FrontPage and FrontPage Extensions. I CAN simply delete them, but since my web host provides me with cPanel access to the website, I can simply disable the extensions there, and this removes all the junk for me. (I don’t intend to use FrontPage).

1. Log into cPanel, locate FrontPage Extensions.

2. Uninstall Extensions.

3. You should see something similar.

4. Now we are a bit less cluttered.

Related Articles, References, Credits, or External Links

NA

XCOPY – Insufficient Memory

KB ID 0000810 

Problem

If I’m migrating client data, I use Xcopy a lot, especially if I want to preserve the permissions. One of the questions I usually ask is “Do any of your users have file names that are very long, i.e. longer than 256 characters?” Because if you are moving a lot of data and it’s been running for a few hours, then suddenly fails saying ‘Insufficient Memory‘, then that’s probably what the problem is.

Solution

1. At the point of failure, you will have successfully moved some data, so you want a solution that just moves the remaining data, Robocopy will do that for you.

Note: For Server 2008, Server 2008 R2, Server 2012, and Windows Vista/7/8, you will already have Robocopy installed, for older clients you will need to install the 2003 Resource Kit.

[box]

Syntax

robocopy "source" "destination" "options"

robocopy S: D:Shared /MIR /SECFIX /SEC

Note:Robocopy by default will retry 1000000 times, and wait 30 seconds each time (if it has a problem). You might want to add /R:3 /W:1 as switches to stop that.

[/box]

/MIR – Mirror the two locations, this will copy the difference IN BOTH DIRECTIONS! (Simply use /E if you don’t want this).

/SECFIX – Checks the Permissions on ALL FILES as it goes through (to make sure)

/SEC – Copies the data with its security ACL’s intact.

Use Robocopy to copy only newer files/folders

Thankfully this is the default behaviour, simply run the same command again.

Related Articles, References, Credits, or External Links

NA

Windows Enabling “Show Hidden Files” and “Show File Extensions”

KB ID 0000655 

Problem

 Windows, by.default hides file extensions.

Note: Only for files it understands.
e.g. In the example below it does not know what a .doc extension is so it shows it (because Word has not been installed yet).

Show File Extensions

Also hidden files and folders are not shown.

Show Hidden Files and Folders

Solution

I know these are two different things, but I usually set them both together, and they’re both set on the same menu.

1. Open Windows Explorer by pressing the Windows Key+E.

2. View > Options > Select the drop down arrow > View.

To Show Hidden files and folders select “Show Hidden Files, folders and drives“.
To Show
File Extensions UNTICKHide extensions for known file types“.

3. Apply > OK > Close Windows Explorer.

Related Articles, References, Credits, or External Links

NA