Solved

How to move user from a child domain to a parent domain

Posted on 2007-11-21
15
529 Views
Last Modified: 2008-02-01
Hi!
I need to move a user from one of our child domain (Windows Server 2003 Std) to the parent domain (Windows Server 2003 std).  Domain Functional Level is Windows 2003.  What is the best way to do that???
Thanks!
0
Comment
Question by:polycorjsp
  • 8
  • 4
  • 3
15 Comments
 
LVL 30

Expert Comment

by:LauraEHunterMVP
ID: 20329412
For a single user, use the Active Directory Migration Toolkit, free download from MS available here: http://www.microsoft.com/downloads/details.aspx?FamilyID=6f86937b-533a-466d-a8e8-aff85ad3d212
0
 
LVL 51

Expert Comment

by:Netman66
ID: 20329416
Right-click>Move?

0
 
LVL 30

Expert Comment

by:LauraEHunterMVP
ID: 20329431
Does the ADUC Move option function in-between domains?  I thought it would only move within the OU structure of a single domain.
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 

Author Comment

by:polycorjsp
ID: 20329454
Do I install the Active Directory Migration tools on the Child Domain or the Parent domain?
0
 
LVL 51

Expert Comment

by:Netman66
ID: 20329455
Sure does.

You must have the right to create users on both domains and it must be done from the source domain to the destination domain.

The destination domain should be in Native mode - that's covered according to the question.


See:

http://www.microsoft.com/technet/scriptcenter/guide/sas_usr_aznz.mspx?mfr=true
0
 
LVL 51

Expert Comment

by:Netman66
ID: 20329475
Hmm..perhaps I was a bit hasty - you can't load up both domains in ADUC.....

I think this should be done using the scripts on that link.

I need a coffee..... :o(

0
 
LVL 51

Expert Comment

by:Netman66
ID: 20329493
Moveuser.exe this should do it.

0
 

Author Comment

by:polycorjsp
ID: 20329553
I've tried this and it dosen't work; i've never used scripting... :(

Set objOU = GetObject("LDAP://ou=move,cn=mroy,dc=child,dc=domain,dc=com")

objOU.MoveHere _
 "LDAP://cn=mroy,ou=move,dc=domain,dc=com", _
 vbNullString
0
 
LVL 51

Expert Comment

by:Netman66
ID: 20329618
Man.....I'm smoking some serious crack today!  I should have to re-write my exam for being so brain dead....

Okay - my apologies for all the crappy advice I've given previously.  Bad day today.

Install the Reskit - it's free.

Use the Movetree utility to move the user.

movetree /start /s sourcedomain /d destination domain /sdn
CN=username,CN=users,DC=source,DC=com /ddn
CN=username,OU=users,DC=target,DC=com

you may need to add this at the end:

/u domain\adminuser

0
 
LVL 51

Expert Comment

by:Netman66
ID: 20329637
To get the exact directory path (if you don't know it), install the Support Tools and use this command to get the syntax:

dsquery user -name "Sam Spade"

It should return a directory path to the object - this is the way you need to enter it in Movetree.

0
 
LVL 30

Accepted Solution

by:
LauraEHunterMVP earned 500 total points
ID: 20329641
Movetree was for 2000, though.  2003 recommends ADMT except for objects that ADMT can't handle like contacts: http://technet2.microsoft.com/windowsserver/en/library/7ebf19b3-f395-425e-ad20-6c0a98af04c31033.mspx?mfr=true
0
 
LVL 51

Expert Comment

by:Netman66
ID: 20329682
Damn.....batting a thousand today. :o)

I can't imagine why they included it in the 2003 Reskit if it's that ugly - but, hey, today it seems I have some serious issues...... :o)

0
 

Author Comment

by:polycorjsp
ID: 20329764
Ok; the ADMT is downloaded on my child domain.
The user "mroy" is in the ou "move".  It should be move the the ou "Move" on the parent server. Can you help me on the syntax to be sure I don't mess everyting?
Thanks!
0
 

Author Comment

by:polycorjsp
ID: 20329820
Is this the correct syntax:

movetree /check /s servername.childdomain.parentdomain.com /d servername.parentdomain.com /sdn OU=Move,dc=childdomain,dc=parentdomain,dc=com /ddn OU=Move,DC=partendomain,dc=com /u Partendomain\Administrator /p *
0
 
LVL 51

Expert Comment

by:Netman66
ID: 20330415
You're missing the user object.

As Laura states, it's likely not wise to use this method but rather ADMT.

0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

by Batuhan Cetin Within the dynamic life of an IT administrator, we hold many information in our minds like user names, passwords, IDs, phone numbers, incomes, service tags, bills and the order from our wives to buy milk when coming back to home.…
Learn about cloud computing and its benefits for small business owners.
Two types of users will appreciate AOMEI Backupper Pro: 1 - Those with PCIe drives (and haven't found cloning software that works on them). 2 - Those who want a fast clone of their boot drive (no re-boots needed) and it can clone your drive wh…

856 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question