Copy user Accounts FROM Active Directory to Local Windows XP Workstations.

Posted on 2005-04-30
Last Modified: 2010-04-13
I am trying to migrate FROM a windows 2000 active directory install that was not set up properly. After review the Client machines 90% are running windows XP, and have been made members of the active directory domain. The added Log-on, Log Off times for active directory synchronization are a hasle for the users, and I have a new server that they will be using as a file server, only. New Server is Win 2K3. New server has all local accounts setup, and the one client that is not logging into the domain, gets much faster access to network resources. I want to copy the Active directory user profiles, (desktop settings etc. to the local windows XP clients, and have them login locally to their machines. A safe How to would be appreciated.. thanks in advance.
Question by:cyrixsys
    LVL 15

    Expert Comment

    Whilst this doc refers to SBS200 - SBS2003 the steps are very much the same as Win2k - Win2k3

    Basically, you use ADMT to move the user and computer accounts to the new domain. By following this process exactly you will keep your SIDS - the identifiers that say who's who, and this will keep the desktops tied to each user.

    LVL 57

    Expert Comment

    by:Mike Kline

    What you could also do is to create roaming profiles for those users.  Then you create a share on  a server to store those profiles.  Then you will have a copy of the profiles on the server and you could copy them to the local machine.

    How long is it taking the users to log off and log on?  I would start to troublehsoot that first.


    Author Comment

    Minutes, For the Login/Applying personal settings. I already know the problem, is MS DNS, related, but I really Don't see the Active directory payoff. I want to get the profiles out of active directory, and onto the local machines. In the future, they may have linux, or another solution to use that I really don't want to use active directory with. So the true question is has anyone, successfully moved out of active directory, with the users retaining desktop, office, and other history? and if so how to? Thanks. Tons of data on migration to.. but skimpy resources on from active directory.
    LVL 15

    Expert Comment

    Sorry - the profiles aren't in active directory. That's probably why my answer doesn't seem to be sane, as I thought you just wanted to move the user accounts to a new domain.

    The profiles are stored on the workstations unless an AD policy (AKA Group Policy Object or GPO) had set raoming profiles. If that's the case then they still aren't in AD, they are just stored on the server.

    As for the minutes to log on - this is the prime symptom of badly configured DNS.

    Make sure the server DNS is set to it's own DNS server (Or a DNS server you have external that is authorative for your domain, and allows dynamic updates) and that the workstations are all set to the same DNS either manually or via DHCP.

    There is no need to dump the domain - you are going to cause headaches and lose control of the LAN.

    Author Comment

    Thanks, I agree, that the DNS is configured improperly, and is causing the issues as mentioned before, but I really thinnk that the dependance on a local DNS, and other "Features" of the Active directory security, and management are just superfluous. I guess that the more accurate question would have been to move user pfofiles from the domainname\user to the local user. We are only dealing with simple file sharing here, and the reliance on MS DNS, and proprietary settings, is just inefficient. I would preface this (but I am at the end) that I like Microsoft products and am happy with many of the things that they do, however, Users have local mapped acces to the new server in the domain, not as a DC. The net result thatI am loking for is that the users somply logon to their computers, and pass authentication to the network shared resource that they need.. Old school, but efficient..Thanks so much for the assistance.
    LVL 15

    Accepted Solution


    At the workstation log in as admin

    Rename c:\documents and settings\default user to defauly user.old

    rename the required user's profile to default user and apply "everyone" or "users" read permission

    Create the new local user account

    log in as the local user - this copies to old profile to the new user account

    log on as admin

    rename the default user back to "username.olddomain" or something you will recognize in the future

    rename the default user.old back to default user

    disjoin the domain.

    This will keep settings, shares, printers et al set up, but there may be some artifacts left that you won't find until later. The other option - copying the profile over the top of a new user profile causes too many problems, particualrly with SIDs...
    LVL 18

    Expert Comment

    by:luv2smile want to get rid of the domain and go from a domain back to a workgroup setting? Is this correct?
    LVL 30

    Expert Comment

    by:Wayne Barron
    No comment has been added to this question in more than 21 days, so it is now classified as abandoned..
    I will leave the following recommendation for this question in the Cleanup topic area:
    [Accept: harleyjd]

    Any objections should be posted here in the next 4 days. After that time, the question will be closed.

    EE Cleanup Volunteer

    Featured Post

    What Should I Do With This Threat Intelligence?

    Are you wondering if you actually need threat intelligence? The answer is yes. We explain the basics for creating useful threat intelligence.

    Join & Write a Comment

    Suggested Solutions

    NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
    The recent Microsoft changes on update philosophy for Windows pre-10 and their impact on existing WSUS implementations.
    This video discusses moving either the default database or any database to a new volume.
    Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

    729 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    19 Experts available now in Live!

    Get 1:1 Help Now