Solved

move user profile from old domain to new

Posted on 2010-08-19
3
841 Views
Last Modified: 2013-11-25
Experts,

I have an old domain abc.edu and a new domain, xyz.edu.

Need to migrate users from abc.edu to xyz.edu.  

Current steps to take:
1. Disjoin abc.edu and join workgroup.
2. Join to xyz.edu.
3. Login as the user to create a new local profile.
4. Login as local admin, open regedit, and repoint the profilepath, reset ntfs permissions and user profile hive ntuser.dat hive.

This is a lot of work and I need to do this on 89 workstations.

What I'm looking for is let's say the username is jsmith.  Jsmith has a local profile in c:\documents and settings\jsmith.  Now if I join the system to the xyz.edu domain, and login as jsmith, I will get a new profile called jsmith.xyz in the same folder.

Is there a tool, which will:
1. Change Jsmith's xyz.edu domain profile location to the original path of his old profile
2. Reset permissions on the jsmith profile to allow jsmith@xyz.edu to access the files
3. Reset the hive for the ntuser.dat file inside the jsmith profile to allow jsmith@xyz.edu full access
4. Reset profilepath location from jsmith.xyz to jsmith
???

I know that in the SBS world if you have a workgroup account, you can use the connectcomputer wizard, but this is in a non-SBS setup, and we're going from domain abc to domain xyz...  any FREE tools or scripts to accomodate this, so that the manual clicking doesn't have to be done by hand?

I envision a script which will enumerate local profiles, their SIDS and paths, which will basically ask for input, PROFILEA and PROFILEB.  When executed, magically, the thing will allow PROFILEB to use PROFILEA as default with all of the permissions set correctly.  Anyone?
0
Comment
Question by:taki1gostek
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 2

Expert Comment

by:Henry_DunnIII
ID: 33481046
I'm a little confused here.  Are you trying to migrate from one AD domain to another?  Or, from what it sounds like to me, you're trying to move just the users profiles?  Or is it both?  Sounds like you are looking migration.  And if so, you're talking about a 2 step process.  1 step is moving the users AD account, and the 2nd step is moving the desktop profile, the users environment.  Am I in the right ballpark?
0
 
LVL 53

Expert Comment

by:Will Szymkowski
ID: 33481080
If you need to move profiles I would recommend using the USMT (User State Migration Tool) to move your profiles.

What you could do is move them to a server Share, set the profile path in the Users AD account, login to the machine and this will pull the profile from the server to the workstation. You can then remove the profile path from AD if you dont want to use roaming profiles.

0
 
LVL 2

Accepted Solution

by:
taki1gostek earned 0 total points
ID: 33481086
Thanks guys... Moderator, please close the question... i found the solution here:
http://www.forensit.com/downloads.html

UserProfileWizard
0

Featured Post

Free NetCrunch network monitor licenses!

Only on Experts-Exchange: Sign-up for a free-trial and we'll send you your permanent license!

Here is what you get: 30 Nodes | Unlimited Sensors | No Time Restrictions | Absolutely FREE!

Act now. This offer ends July 14, 2017.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article explains the steps required to use the default Photos screensaver to display branding/corporate images
A company’s centralized system that manages user data, security, and distributed resources is often a focus of criminal attention. Active Directory (AD) is no exception. In truth, it’s even more likely to be targeted due to the number of companies …
Simple Linear Regression
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …

688 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question