Uers and computers migration cross forest with ADMT

I'm try to use ADMT to migrate users and computer from domain_A (W2k3 funct. level) in forest_1 to domain_B (W2k3 funct. level)  in forest_2.
I've problems to migrate the SID. When I try to migrate the SID, the ADMT pop-up the error "Could not verify auditing and TcpipClientSupport on domains. Will not be able to migrate Sid's. Access is denied".
Some suggestion?

Another problem, less important, is migrate the password. When I try to do that, using the Password Export Server Service, ADMT pop-up error that require to put the domain_B\administrator in the domain_A\DomainAdmins group. Is this possible?

Thanks in advance for your attention.

Who is Participating?
Chris DentPowerShell DeveloperCommented:

TCPIP Client Support must be enabled in the registry on the Source Domain Controller, the key is:


Then TcpipClientSupport should be created as a DWORD and set to 1 (then the server rebooted).

For me personally I normally run ADMT as a Domain Admin in the Source Domain that has been added to the Administrators Group in the Destination Domain which gets past the security issues you're getting.

Anyway, there's an MS Article all about this one:


DavideDAuthor Commented:

Hi Chris,
following your suggestion I finish the cross forest migration with the ADMT v.2.0, maybe the big error was to use the version v.3.0 of the tool.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.