Solved

How to move user from a child domain to a parent domain

Posted on 2007-11-21
15
527 Views
Last Modified: 2008-02-01
Hi!
I need to move a user from one of our child domain (Windows Server 2003 Std) to the parent domain (Windows Server 2003 std).  Domain Functional Level is Windows 2003.  What is the best way to do that???
Thanks!
0
Comment
Question by:polycorjsp
  • 8
  • 4
  • 3
15 Comments
 
LVL 30

Expert Comment

by:LauraEHunterMVP
ID: 20329412
For a single user, use the Active Directory Migration Toolkit, free download from MS available here: http://www.microsoft.com/downloads/details.aspx?FamilyID=6f86937b-533a-466d-a8e8-aff85ad3d212
0
 
LVL 51

Expert Comment

by:Netman66
ID: 20329416
Right-click>Move?

0
 
LVL 30

Expert Comment

by:LauraEHunterMVP
ID: 20329431
Does the ADUC Move option function in-between domains?  I thought it would only move within the OU structure of a single domain.
0
 

Author Comment

by:polycorjsp
ID: 20329454
Do I install the Active Directory Migration tools on the Child Domain or the Parent domain?
0
 
LVL 51

Expert Comment

by:Netman66
ID: 20329455
Sure does.

You must have the right to create users on both domains and it must be done from the source domain to the destination domain.

The destination domain should be in Native mode - that's covered according to the question.


See:

http://www.microsoft.com/technet/scriptcenter/guide/sas_usr_aznz.mspx?mfr=true
0
 
LVL 51

Expert Comment

by:Netman66
ID: 20329475
Hmm..perhaps I was a bit hasty - you can't load up both domains in ADUC.....

I think this should be done using the scripts on that link.

I need a coffee..... :o(

0
 
LVL 51

Expert Comment

by:Netman66
ID: 20329493
Moveuser.exe this should do it.

0
Optimizing Cloud Backup for Low Bandwidth

With cloud storage prices going down a growing number of SMBs start to use it for backup storage. Unfortunately, business data volume rarely fits the average Internet speed. This article provides an overview of main Internet speed challenges and reveals backup best practices.

 

Author Comment

by:polycorjsp
ID: 20329553
I've tried this and it dosen't work; i've never used scripting... :(

Set objOU = GetObject("LDAP://ou=move,cn=mroy,dc=child,dc=domain,dc=com")

objOU.MoveHere _
 "LDAP://cn=mroy,ou=move,dc=domain,dc=com", _
 vbNullString
0
 
LVL 51

Expert Comment

by:Netman66
ID: 20329618
Man.....I'm smoking some serious crack today!  I should have to re-write my exam for being so brain dead....

Okay - my apologies for all the crappy advice I've given previously.  Bad day today.

Install the Reskit - it's free.

Use the Movetree utility to move the user.

movetree /start /s sourcedomain /d destination domain /sdn
CN=username,CN=users,DC=source,DC=com /ddn
CN=username,OU=users,DC=target,DC=com

you may need to add this at the end:

/u domain\adminuser

0
 
LVL 51

Expert Comment

by:Netman66
ID: 20329637
To get the exact directory path (if you don't know it), install the Support Tools and use this command to get the syntax:

dsquery user -name "Sam Spade"

It should return a directory path to the object - this is the way you need to enter it in Movetree.

0
 
LVL 30

Accepted Solution

by:
LauraEHunterMVP earned 500 total points
ID: 20329641
Movetree was for 2000, though.  2003 recommends ADMT except for objects that ADMT can't handle like contacts: http://technet2.microsoft.com/windowsserver/en/library/7ebf19b3-f395-425e-ad20-6c0a98af04c31033.mspx?mfr=true
0
 
LVL 51

Expert Comment

by:Netman66
ID: 20329682
Damn.....batting a thousand today. :o)

I can't imagine why they included it in the 2003 Reskit if it's that ugly - but, hey, today it seems I have some serious issues...... :o)

0
 

Author Comment

by:polycorjsp
ID: 20329764
Ok; the ADMT is downloaded on my child domain.
The user "mroy" is in the ou "move".  It should be move the the ou "Move" on the parent server. Can you help me on the syntax to be sure I don't mess everyting?
Thanks!
0
 

Author Comment

by:polycorjsp
ID: 20329820
Is this the correct syntax:

movetree /check /s servername.childdomain.parentdomain.com /d servername.parentdomain.com /sdn OU=Move,dc=childdomain,dc=parentdomain,dc=com /ddn OU=Move,DC=partendomain,dc=com /u Partendomain\Administrator /p *
0
 
LVL 51

Expert Comment

by:Netman66
ID: 20330415
You're missing the user object.

As Laura states, it's likely not wise to use this method but rather ADMT.

0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I have never ceased to be amazed how many problems you can encounter on a fresh install of a Windows operating system.  This is certainly case in point& Unable to complete ANY MSI installation.  This means Windows Updates are failing and I can't …
So you have two Windows Servers and you have a directory/folder/files on one that you'd like to mirror to the other?  You don't really want to deal with DFS or a 3rd party solution like Doubletake. You can use Robocopy from the Windows Server 200…
This is a video that shows how the OnPage alerts system integrates into ConnectWise, how a trigger is set, how a page is sent via the trigger, and how the SENT, DELIVERED, READ & REPLIED receipts get entered into the internal tab of the ConnectWise …
A company’s greatest vulnerability is their email. CEO fraud, ransomware and spear phishing attacks are the no1 threat to a company’s security. Cybercrime is responsible for the largest loss of money to companies today with losses projected to r…

932 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now