?
Solved

How to move user from a child domain to a parent domain

Posted on 2007-11-21
15
Medium Priority
?
540 Views
Last Modified: 2008-02-01
Hi!
I need to move a user from one of our child domain (Windows Server 2003 Std) to the parent domain (Windows Server 2003 std).  Domain Functional Level is Windows 2003.  What is the best way to do that???
Thanks!
0
Comment
Question by:polycorjsp
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 8
  • 4
  • 3
15 Comments
 
LVL 30

Expert Comment

by:LauraEHunterMVP
ID: 20329412
For a single user, use the Active Directory Migration Toolkit, free download from MS available here: http://www.microsoft.com/downloads/details.aspx?FamilyID=6f86937b-533a-466d-a8e8-aff85ad3d212
0
 
LVL 51

Expert Comment

by:Netman66
ID: 20329416
Right-click>Move?

0
 
LVL 30

Expert Comment

by:LauraEHunterMVP
ID: 20329431
Does the ADUC Move option function in-between domains?  I thought it would only move within the OU structure of a single domain.
0
Get real performance insights from real users

Key features:
- Total Pages Views and Load times
- Top Pages Viewed and Load Times
- Real Time Site Page Build Performance
- Users’ Browser and Platform Performance
- Geographic User Breakdown
- And more

 

Author Comment

by:polycorjsp
ID: 20329454
Do I install the Active Directory Migration tools on the Child Domain or the Parent domain?
0
 
LVL 51

Expert Comment

by:Netman66
ID: 20329455
Sure does.

You must have the right to create users on both domains and it must be done from the source domain to the destination domain.

The destination domain should be in Native mode - that's covered according to the question.


See:

http://www.microsoft.com/technet/scriptcenter/guide/sas_usr_aznz.mspx?mfr=true
0
 
LVL 51

Expert Comment

by:Netman66
ID: 20329475
Hmm..perhaps I was a bit hasty - you can't load up both domains in ADUC.....

I think this should be done using the scripts on that link.

I need a coffee..... :o(

0
 
LVL 51

Expert Comment

by:Netman66
ID: 20329493
Moveuser.exe this should do it.

0
 

Author Comment

by:polycorjsp
ID: 20329553
I've tried this and it dosen't work; i've never used scripting... :(

Set objOU = GetObject("LDAP://ou=move,cn=mroy,dc=child,dc=domain,dc=com")

objOU.MoveHere _
 "LDAP://cn=mroy,ou=move,dc=domain,dc=com", _
 vbNullString
0
 
LVL 51

Expert Comment

by:Netman66
ID: 20329618
Man.....I'm smoking some serious crack today!  I should have to re-write my exam for being so brain dead....

Okay - my apologies for all the crappy advice I've given previously.  Bad day today.

Install the Reskit - it's free.

Use the Movetree utility to move the user.

movetree /start /s sourcedomain /d destination domain /sdn
CN=username,CN=users,DC=source,DC=com /ddn
CN=username,OU=users,DC=target,DC=com

you may need to add this at the end:

/u domain\adminuser

0
 
LVL 51

Expert Comment

by:Netman66
ID: 20329637
To get the exact directory path (if you don't know it), install the Support Tools and use this command to get the syntax:

dsquery user -name "Sam Spade"

It should return a directory path to the object - this is the way you need to enter it in Movetree.

0
 
LVL 30

Accepted Solution

by:
LauraEHunterMVP earned 2000 total points
ID: 20329641
Movetree was for 2000, though.  2003 recommends ADMT except for objects that ADMT can't handle like contacts: http://technet2.microsoft.com/windowsserver/en/library/7ebf19b3-f395-425e-ad20-6c0a98af04c31033.mspx?mfr=true
0
 
LVL 51

Expert Comment

by:Netman66
ID: 20329682
Damn.....batting a thousand today. :o)

I can't imagine why they included it in the 2003 Reskit if it's that ugly - but, hey, today it seems I have some serious issues...... :o)

0
 

Author Comment

by:polycorjsp
ID: 20329764
Ok; the ADMT is downloaded on my child domain.
The user "mroy" is in the ou "move".  It should be move the the ou "Move" on the parent server. Can you help me on the syntax to be sure I don't mess everyting?
Thanks!
0
 

Author Comment

by:polycorjsp
ID: 20329820
Is this the correct syntax:

movetree /check /s servername.childdomain.parentdomain.com /d servername.parentdomain.com /sdn OU=Move,dc=childdomain,dc=parentdomain,dc=com /ddn OU=Move,DC=partendomain,dc=com /u Partendomain\Administrator /p *
0
 
LVL 51

Expert Comment

by:Netman66
ID: 20330415
You're missing the user object.

As Laura states, it's likely not wise to use this method but rather ADMT.

0

Featured Post

Get free NFR key for Veeam Availability Suite 9.5

Veeam is happy to provide a free NFR license (1 year, 2 sockets) to all certified IT Pros. The license allows for the non-production use of Veeam Availability Suite v9.5 in your home lab, without any feature limitations. It works for both VMware and Hyper-V environments

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

So you have two Windows Servers and you have a directory/folder/files on one that you'd like to mirror to the other?  You don't really want to deal with DFS or a 3rd party solution like Doubletake. You can use Robocopy from the Windows Server 200…
by Batuhan Cetin In this article I will be guiding through the process of removing a failed DC metadata from Active Directory (hereafter, AD) using the ntdsutil tool in a Windows Server 2003 environment. These steps are not necessary in a Win…
This tutorial will teach you the special effect of super speed similar to the fictional character Wally West aka "The Flash" After Shake : http://www.videocopilot.net/presets/after_shake/ All lightning effects with instructions : http://www.mediaf…
In this video, Percona Solution Engineer Rick Golba discuss how (and why) you implement high availability in a database environment. To discuss how Percona Consulting can help with your design and architecture needs for your database and infrastr…
Suggested Courses

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question