Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Active Directory Migration

Posted on 2007-03-21
4
Medium Priority
?
2,913 Views
Last Modified: 2008-05-31
Hi

Im trying to do an Active Directory migration from one domain to another, these are differnet forests i.e. abc.com and 123.com. Here's whats been done, DNS it working with secondary zones setup for each server so they can handle dns requests. I have also created the trusts between the domains and validated each fine.

However ive installed the Active Directory Migration tool but when i got to move a user I get the following error in the log
2007-03-21 20:28:05 ERR2:7301 Failed to migrate source object 'CN=admin admin' to domain 'abc.com'. The target object could not be created. hr=0x80070005  Access is denied.

Can yoy help?
Thanks
0
Comment
Question by:kev8326
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
4 Comments
 
LVL 48

Accepted Solution

by:
Jay_Jay70 earned 750 total points
ID: 18767537
are you using crenetials from your domain or from the source domain?
0
 

Author Comment

by:kev8326
ID: 18769989
Hi

I believe that is where i was going wrong, i was putting in details of the target domain rather than the source. It appears i've moved forward and gained another stumbling block...

I get a message SID History for test1 cannot be updated because auditing is not enabled on abc.com.   rc=8536.\n  This operation requires that auditing be enabled for Success and Failure auditing of account management operations

I have enabled this in group policy and made sure that it has success and failures. this is done at the root of AD and there isnt anything to stop it propogating to other OU's.

Is there something ive missed?
thanks
0
 

Author Comment

by:kev8326
ID: 18771866
Hi

Somehow got it working, i also added the admin on domain A to the account operators group in Domain B and it started working. Does that sound like it was the isue?
0
 
LVL 48

Expert Comment

by:Jay_Jay70
ID: 18789872
deffinitely, you need to have the priviliges on the local domain :) Nice work mate!
0

Featured Post

Three Reasons Why Backup is Strategic

Backup is strategic to your business because your data is strategic to your business. Without backup, your business will fail. This white paper explains why it is vital for you to design and immediately execute a backup strategy to protect 100 percent of your data.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Auditing domain password hashes is a commonly overlooked but critical requirement to ensuring secure passwords practices are followed. Methods exist to extract hashes directly for a live domain however this article describes a process to extract u…
How to deal with a specific error when using the Enable-RemoteMailbox cmdlet to create a mailbox in the cloud-based service, for an existing user in an on-premises Active Directory.
This video shows how to use Hyena, from SystemTools Software, to update 100 user accounts from an external text file. View in 1080p for best video quality.
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…
Suggested Courses

670 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question