Solved

Active Directory Migration

Posted on 2007-03-21
4
2,814 Views
Last Modified: 2008-05-31
Hi

Im trying to do an Active Directory migration from one domain to another, these are differnet forests i.e. abc.com and 123.com. Here's whats been done, DNS it working with secondary zones setup for each server so they can handle dns requests. I have also created the trusts between the domains and validated each fine.

However ive installed the Active Directory Migration tool but when i got to move a user I get the following error in the log
2007-03-21 20:28:05 ERR2:7301 Failed to migrate source object 'CN=admin admin' to domain 'abc.com'. The target object could not be created. hr=0x80070005  Access is denied.

Can yoy help?
Thanks
0
Comment
Question by:kev8326
  • 2
  • 2
4 Comments
 
LVL 48

Accepted Solution

by:
Jay_Jay70 earned 250 total points
ID: 18767537
are you using crenetials from your domain or from the source domain?
0
 

Author Comment

by:kev8326
ID: 18769989
Hi

I believe that is where i was going wrong, i was putting in details of the target domain rather than the source. It appears i've moved forward and gained another stumbling block...

I get a message SID History for test1 cannot be updated because auditing is not enabled on abc.com.   rc=8536.\n  This operation requires that auditing be enabled for Success and Failure auditing of account management operations

I have enabled this in group policy and made sure that it has success and failures. this is done at the root of AD and there isnt anything to stop it propogating to other OU's.

Is there something ive missed?
thanks
0
 

Author Comment

by:kev8326
ID: 18771866
Hi

Somehow got it working, i also added the admin on domain A to the account operators group in Domain B and it started working. Does that sound like it was the isue?
0
 
LVL 48

Expert Comment

by:Jay_Jay70
ID: 18789872
deffinitely, you need to have the priviliges on the local domain :) Nice work mate!
0

Featured Post

Enabling OSINT in Activity Based Intelligence

Activity based intelligence (ABI) requires access to all available sources of data. Recorded Future allows analysts to observe structured data on the open, deep, and dark web.

Join & Write a Comment

This article is in response to a question (http://www.experts-exchange.com/Networking/Network_Management/Network_Analysis/Q_28230497.html) here at Experts Exchange. The Original Poster (OP) requires a utility that will accept a list of IP addresses …
Many of us in IT utilize a combination of roaming profiles and folder redirection to ensure user information carries over from one workstation to another; in my environment, it was to enable virtualization without needing a separate desktop for each…
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now