Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations Rhinorhino on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
HELP..using ADMT
- Thread starter redman71
- Start date
- Thread starter
- #3
Source domain NT 4
Target Domain W2K Native
ADMT v2
Use the account migration wizard to migrate the NT 4 accounts to 2K. Make sure you select "enable target accounts" and "migrate SID History".
At this points the accounts are in AD, but the schema has not been extended and the ADC is not in place. It's time to set up the ADC.
When ADC runs, it checks the primary NT account of the 5.5 mailbox and reads it's SID. Then, it finds a match in the AD because of the SID History stamped on the migrated account. Therefore - the match is good. If there was no SID History on the Domain B's account, the ADC would create the new "-1" disabled account. So far, so good; no messy disabled accounts to merge with ADClean.
Houston, we have a problem...
After we migrate the accounts from domain A to domain B, we get into a situation where the 5.5 mailboxes are still ACL'd with the NT 4.0 account as the owner even though the ADC associated the account with the migrated AD account based on SID history. Well, that's ugly.
Fortunately, ADMT v2 has the Exchange directory migration wizard. Its job is to ACL the new AD account back on the permissions of the 5.5 mailbox, thereby cleaning up the mess.
Choose "Exchange Directory Migration WIzard" from the context menu. Ensure you select "Replace" as the security translation option. Let it rip.
You'll find that everything is automagically fixed up, and the new AD accout is now the owner of the mailbox.
Target Domain W2K Native
ADMT v2
Use the account migration wizard to migrate the NT 4 accounts to 2K. Make sure you select "enable target accounts" and "migrate SID History".
At this points the accounts are in AD, but the schema has not been extended and the ADC is not in place. It's time to set up the ADC.
When ADC runs, it checks the primary NT account of the 5.5 mailbox and reads it's SID. Then, it finds a match in the AD because of the SID History stamped on the migrated account. Therefore - the match is good. If there was no SID History on the Domain B's account, the ADC would create the new "-1" disabled account. So far, so good; no messy disabled accounts to merge with ADClean.
Houston, we have a problem...
After we migrate the accounts from domain A to domain B, we get into a situation where the 5.5 mailboxes are still ACL'd with the NT 4.0 account as the owner even though the ADC associated the account with the migrated AD account based on SID history. Well, that's ugly.
Fortunately, ADMT v2 has the Exchange directory migration wizard. Its job is to ACL the new AD account back on the permissions of the 5.5 mailbox, thereby cleaning up the mess.
Choose "Exchange Directory Migration WIzard" from the context menu. Ensure you select "Replace" as the security translation option. Let it rip.
You'll find that everything is automagically fixed up, and the new AD accout is now the owner of the mailbox.
- Status
Similar threads
- Locked
- Question
- Locked
- Question
- Locked
- Question