asked on
Moving Users In Active Directory
Hi All,
I need to move a user in Active directory from one subdomain to another subdomain.
I have a network with domain A being top level, domains B and C are child domains from domain A.
I need to move 2 users one from domain A to domain C and one from domain B to domain C.
I am trying to use the movetree utility and i have tried doing a test run, however it comes back with a SAM error saying that the object already exists.
What am i doing wrong or how do i do this correctly?
Many Thanks
Andy
I need to move a user in Active directory from one subdomain to another subdomain.
I have a network with domain A being top level, domains B and C are child domains from domain A.
I need to move 2 users one from domain A to domain C and one from domain B to domain C.
I am trying to use the movetree utility and i have tried doing a test run, however it comes back with a SAM error saying that the object already exists.
What am i doing wrong or how do i do this correctly?
Many Thanks
Andy
Windows Server 2003
Last Comment
CetusMOD
ASKER
Hi Mike,
I have tried the Microsoft article you mentioned and had no luck.
The other part of the question is how do you specify a single user? the MS article refers to OU's.
I get the same error and i have checked that the user does not exist in domain C.
I have tried the Microsoft article you mentioned and had no luck.
The other part of the question is how do you specify a single user? the MS article refers to OU's.
I get the same error and i have checked that the user does not exist in domain C.
Make sure you don't have other users with the same logon name in the target domain.
you can find out with the following command:
csvde -f output.csv -r"(&(objcetClass=user)(sA
you can find out with the following command:
csvde -f output.csv -r"(&(objcetClass=user)(sA
ASKER
Hi,
Thanks for that but it generated an error
Invalid Argument: sAMAccountName
Thanks for that but it generated an error
Invalid Argument: sAMAccountName
Sorry about that, try it this way:
csvde -f output.csv -r "(&(objectCategory=person)
This is an example output:
DN,sAMAccountName
"CN=Bob Boss,CN=Users,DC=mydomain,
csvde -f output.csv -r "(&(objectCategory=person)
This is an example output:
DN,sAMAccountName
"CN=Bob Boss,CN=Users,DC=mydomain,
I changed it to objectcategory=person, because it includes users and groups. Users and groups most have unique logon names. Even if different object class.
IV
IV
ASKER
I have run the command successfully and have found that the user exists only once in the forest, therefore movetree should not complain that it already exists and cannot move the user.
Also, with the movetree how do you specify a user rather than an OU?
All microsofts examples refer to OU's
Also, with the movetree how do you specify a user rather than an OU?
All microsofts examples refer to OU's
to move a single object, specify the object's dn like:
/sdn="CN=Bob Boss,CN=Users,DC=mydomain,
Could you post the entire command you are using?
ASKER
Hi all,
Got it working,
Found out the following, you need to remove the user to be moved from any group memberships other than domain users.
Then run the movetree command with syntax as follows:
C:\>MoveTree /check /s server01.domain.com /d server02.domain.com /sdn OU=Source OU,DC=Domain,DC=Com /ddn Destination OU,DC=Domain,DC=Com /u Domain\administrator /p password
This makes the check and completes fine, then you change the /check to /start to carry out the operation.
I had problems targetting single objects but i just created a temporary OU and moved that, then moved the user out and deleted the OU.
Thanks for all your suggestions though people!
Got it working,
Found out the following, you need to remove the user to be moved from any group memberships other than domain users.
Then run the movetree command with syntax as follows:
C:\>MoveTree /check /s server01.domain.com /d server02.domain.com /sdn OU=Source OU,DC=Domain,DC=Com /ddn Destination OU,DC=Domain,DC=Com /u Domain\administrator /p password
This makes the check and completes fine, then you change the /check to /start to carry out the operation.
I had problems targetting single objects but i just created a temporary OU and moved that, then moved the user out and deleted the OU.
Thanks for all your suggestions though people!
No comment has been added to this question in more than 21 days, so it is now classified as abandoned.
I will leave the following recommendation for this question in the Cleanup topic area:
PAQ - Refund
Any objections should be posted here in the next 4 days. After that time, the question will be closed.
Miguel
EE Cleanup Volunteer
I will leave the following recommendation for this question in the Cleanup topic area:
PAQ - Refund
Any objections should be posted here in the next 4 days. After that time, the question will be closed.
Miguel
EE Cleanup Volunteer
ASKER CERTIFIED SOLUTION
THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
http://support.microsoft.com/default.aspx?scid=KB;en-us;q238394
How to Use the MoveTree Utility to Move Objects Between Domains in a Single Forest
Did you search domain C for that object
Create a test user in domain A and try to move that object, I wonder if you get the same error.
I'll let you know if I find anything.
Thanks
Mike