Migrate mailbox to different Exchange Org

Posted on 2007-03-24
Last Modified: 2011-09-20

How do you migrate mailbox from one Ex2003 Org to another Ex2003Org?
I was thinking of:
- set up a trust between the forests
- migrate user accounts using ADMT

Can I then simply MOVE the mailboxes from ExServer1 to ExServer2 (which is in the new Forest)?

If anybody has done this before, could you please share your experience?

Question by:juragan
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
LVL 33

Expert Comment

ID: 18787465
do the following:
you will setup trust between the forest, Enable SIDhistory.
use ADMT to migrate users,Computers
use Exchnage migration wizard or exmerge to migrate mailboxes
i documented the operation in step by step but it is @ home so i will put it once i got there
LVL 104

Expert Comment

ID: 18788049
You cannot move mailboxes between Exchange orgs - there is no concept of a trust between orgs.

Therefore your only option is an exmerge out of the data and then an exmerge in.


Author Comment

ID: 18791163
Hi busbar,

would appreciate if you can post the step by step guide here.

Hi Sembee,

I found the folowing article
it seems that cross org move mailbox is possible (???).
Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

LVL 104

Expert Comment

ID: 18791977
That uses the Exchange migration wizard to migrate the accounts.
It doesn't move the mailbox in the conventional way.

I personally only use exmerge as I find it is less problematic than the migration wizard.

LVL 33

Accepted Solution

Busbar earned 250 total points
ID: 18792656
and here is the guide, i have it with images...etc but sorry i can't post them here, this guide will migrate computers and users accounts from top

1.      Ensure that the child domain's domain level is at least 2000 native mode.
2.      Configuring name resolution between two domains as follow:
•      On the DNS of the source domain configure conditional forwarder for the domain “DESTIONATION.COM” to use the DNS server of “DESTIONATION ” domain
•      On the DNS of the target domain configure conditional forwarder for the domain “” to use the DNS server of “Temp” domain.
3.      Create two way external trust relationship between two domains
a.      On the domain controller of “DESTIONATION ” domain, open “Active Directory Domains and Trusts”.
b.      Right click DESTIONATION.COM, and then click properties.
c.      Click on the “trust” tab, and then click “New Trust” button.
d.      On the trust name type “”
e.      On the Direction of  Trust, select two way trust
f.      On the Sides of the Trust, select Both this domain and the specified domain.
g.      On the User Name and Password page, type the administrator      account of the Temp domain and his password, and then click next.
h.      On the Trust Selections Complete page, click next.
i.      On the Trust Creation complete page, click next.
j.      On the Confirm outgoing Trust page, click Yes, and then click next.
k.      On the Confirm incoming Trust page, click Yes, and then click next
l.      On the Completing the New Trust Wizard page, click finfish
1.      After successfully creating the trust relationship, add DESTIONATION  administrator to administrators group of Temp domain.
2.      on the target domain create  an OU named Migrated Objects.
3.      Install Active Directory Migration Tool (ADMT) V 3.0   on the target domain.
4.      Share the following folder "c:\windows\ADMT"
5.      Install Password Migration DLL file in the source domain:
a.      On the target domain controller(which ADMT installed on), create password export key file(.PES) using the following command
admt key /opt:create     /sourcedomain:"netbiosname of the domain" /kf:"file path"

b.      Copy the password file (for example pwdmigration.pes) to the source domain controller (of the renamed domain).
c.      From the source domain controller of Temp domain connect to the shared folder ADMT on the target domain controller, go to PES folder and run PWMIG.EXE, and then click next
d.      In the Encrypted File page select the encryption file for this source domain( the password file you created in step b, and then click next.
e.      On the start Installation page click next.
f.      The installation will prompt you to specify the account on which the Password Export Server service will run. Select Local System account.
g.      After setup is complete, you will be prompted to restart the system.
h.      After restarting the domain controller, verify that the Password Export Server service is found.
i.      On the source domain controller open the registry and edit the following key

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\LSA\AllowPasswordExport = 1
j.      Add the following registry key (DWORD)
      KEY_LOCAL_MACHINE\System\CurrentControlSet\Control\LSA\TcpipClientSupport =1
k.      Restart source Domain Controller, and then start the Password Export server services.
l.      Add everyone group and anonymous group to pre-windows2000 combatable group on the target domain (remove after completing migration).
m.      Migrate Users’ accounts:
User Account Migration

1.       Run the Active Directory Migration Tool, right click on the first node, choose User Account Migration Wizard, and then click next.
2.       In the Domain Selection page select as the source domain, and select DESTIONATION.COM as the target domain. click  next
3.      In the User Selection Option page, select “Select users from domain”.
4.      Select users you want to migrate, and then click next.
5.      Select the target OU that will host the migrated objects (in this case select Migrated Objects OU), and then click next.
6.       In the Password Options page select Migrate passwords.
7.      In the Account Transition Options page, select “Target same as source”, select “Migrate user SIDs to target domain, and then click next.8.       When prompted to enable auditing on the source domain click yes.
9.      The wizard will inform you that it will create a group with the name of “temp$$$” to be able to migrate SIDs. Click yes.
10.      In the User Account page, type the temp administrator account and its password.
11.       In the Users Option choose to migrate the associated groups, fix group membership, and to translate security.
12.      In the Object Property Exclusion page select next.
13.      In the Conflict Management page, leave the default settings and click next.
14.      Click finish and the migration will start.
15.      Migrate computer accounts
The accounts that run ADMT should be local admin on each computer will be migrated.

Computer Account Migration
1.      Open ADMT using the source domain administrator account and select to migrate computer accounts.
2.      Specify the source domain and target domain.
3.      Select computers to be migrated and specify the target OU.
4.      On the Translate Objects page, select as the following figure.
5.      On the Security Translation Options page, select add
6.      On the Computer Options page type 0 to force restart immediately.
7.      After completing the wizard click finish, a new window named “Active Directory Migration Tool Agent Dialog” appear. ADMT will dispatch an agent to a remote computer or computers to complete computer migrations, security translation, service account enumeration, and account reference reporting. The Agent Dialog page provides status information about each phase of the agent operation. You can use this page to perform precheck and agent operations on all computers

Expert Comment

ID: 21158787
Cross org mailbox moves are possible with the move-mailbox cmdlet.  I'm doing right now between two different Exchange Orgs in two different Forests.  One is an Exchange 2003 Org and the Other contains both Exchange 2003 and Exchange 2007.  There is no one magic syntax with the move-mailbox need to test, test, test to find the right combination of options.

Featured Post

Secure Your Active Directory - April 20, 2017

Active Directory plays a critical role in your company’s IT infrastructure and keeping it secure in today’s hacker-infested world is a must.
Microsoft published 300+ pages of guidance, but who has the time, money, and resources to implement? Register now to find an easier way.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Utilizing an array to gracefully append to a list of EmailAddresses
Read this checklist to learn more about the 15 things you should never include in an email signature.
In this video we show how to create a Contact in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Contact ta…
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…

763 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question