• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 4017
  • Last Modified:

Uers and computers migration cross forest with ADMT

I'm try to use ADMT to migrate users and computer from domain_A (W2k3 funct. level) in forest_1 to domain_B (W2k3 funct. level)  in forest_2.
I've problems to migrate the SID. When I try to migrate the SID, the ADMT pop-up the error "Could not verify auditing and TcpipClientSupport on domains. Will not be able to migrate Sid's. Access is denied".
Some suggestion?

Another problem, less important, is migrate the password. When I try to do that, using the Password Export Server Service, ADMT pop-up error that require to put the domain_B\administrator in the domain_A\DomainAdmins group. Is this possible?

Thanks in advance for your attention.

1 Solution
Chris DentPowerShell DeveloperCommented:

TCPIP Client Support must be enabled in the registry on the Source Domain Controller, the key is:


Then TcpipClientSupport should be created as a DWORD and set to 1 (then the server rebooted).

For me personally I normally run ADMT as a Domain Admin in the Source Domain that has been added to the Administrators Group in the Destination Domain which gets past the security issues you're getting.

Anyway, there's an MS Article all about this one:


DavideDAuthor Commented:

Hi Chris,
following your suggestion I finish the cross forest migration with the ADMT v.2.0, maybe the big error was to use the version v.3.0 of the tool.


Featured Post

Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now