Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Move user profile from Samba to Windows 2008 AD

Posted on 2011-02-18
11
Medium Priority
?
2,839 Views
Last Modified: 2012-05-11
We are planning a migration from an environment in which approximately 400 workstations are connected to a Samba based domain. The Samba version is 3.5.4 and we are now planning for migrating these workstations to an Active Directory domain with Windows Server 2008 R2 functional level. In our Samba domain, users have roaming profiles and in the 2008R2 domain there should also be roaming profiles. Hence, we need to be able to move the user profiles from the Samba domain to the 2008R2 domain in the easiest way possible.

We have been looking into some different tools for performing this migration, including Microsoft Active Directory Migration Tool (ADMT) in version 3.2, 3.1 and 3.0. As for 3.2 and 3.1, they both have been claiming that they don't support lecacy domains such as Windows 2000 or NT4, as soon as we have tried to connect to the Samba domain.

What are the potential solutions for this migration? Have anyone of you successfully migrated in an equivalent or similar scenario?

Any input much appreciated.
0
Comment
Question by:exsto
  • 5
  • 3
11 Comments
 
LVL 29

Assisted Solution

by:pwindell
pwindell earned 800 total points
ID: 34943524
Roaming Profiles are replicated profiles.
So there is a local copy of the profile on the workstation.   Start it up without a network cable an you'll see.

Just set the profile to not be roaming and the workstation will use the local copy.

Migrate the machine and get the new user account in the new domain using the correct profile,..then make it roaming again after that and it will make a replica on the new Server.
0
 

Author Comment

by:exsto
ID: 34964024
Thanks for your idea but I have tried this, that’s why it has taken some time to answer, and it does not work or I do something wrong.

This is what I did:
1)      Set the profile to use local profile
2)      I can log on to the account even if connection to the domain is down
3)      Remove it from the current domain controller (Samba) and set the PC in a workgroup
4)      After that I can’t log on with the previous domain account
5)      Connect the PC to the new Windows 2008 AD domain controller
6)      Log on with the old domain account and now it goes wrong, it creates a brand new empty profile and don’t use the local profile from the old domain account.
0
 
LVL 29

Accepted Solution

by:
pwindell earned 800 total points
ID: 34964373
1. Correct
2. Correct
3. Correct
4. That is the way it is supposed to be
5. Correct
6. Log in with the NEW Domain Account and allow it to create a NEW blank fresh profile
7. Copy the contents from the old Profile intot he New one (My Docs, Favorites, Desktop, Cookies, etc)
8. Reconfigure email, import email from old lacation into the new profile if it was stored locally.  If it is an Exchange Server then you only need to configure the Account.
9. Set the Profile back to be a Roaming Profile.
0
Free learning courses: Active Directory Deep Dive

Get a firm grasp on your IT environment when you learn Active Directory best practices with Veeam! Watch all, or choose any amount, of this three-part webinar series to improve your skills. From the basics to virtualization and backup, we got you covered.

 
LVL 29

Assisted Solution

by:pwindell
pwindell earned 800 total points
ID: 34964400
Note that in the new Domain it is a New Account.  A Migration does not move an Account.  Even with migrating between two Windows Domains all it does is "copy" the Account,...while the old Account remains in the old Domain and it not "damaged" by the process.
0
 

Author Comment

by:exsto
ID: 34964440
Thanks again, I will try it again and get back... :)
0
 
LVL 18

Assisted Solution

by:TobiasHolm
TobiasHolm earned 200 total points
ID: 34968896
Hi!

Try using "Microsoft Windows User State Migration Tool (USMT)" instead. It's a tool for copying/migrate user profiles in Windows.

Ref: http://technet.microsoft.com/en-us/library/cc748915%28WS.10%29.aspx#BKMK_M1

Regards, Tobias
0
 

Author Comment

by:exsto
ID: 35116993
To move an account from Samba to a new AD domain in Win 2008R2 you have to do this in two steps. 1) Move the account from the old Samba domain to a local account. Remove the computer from the samba domain. 2) Join the computer to the new domain and run moveuser again.
In this way we can keep all the settings (even settings for non-Microsoft software) and files in the profile intact. It’s fast (if your profile is not so big). But it’s a manual process…  
Details:
1)      Logon as local administrator.
2)      Create a local account, exactly as the Samba domain account with same password
3)      Restart the computer
4)      Logon as local administrator.
5)      Run moveuser to move the samba account to the local account:
moveuser.exe  SAMBADOMAIN\ACCOUNT  LOCALACCTOUNT
get moveuser from http://www.microsoft.com/downloads/en/details.aspx?FamilyID=9d467a69-57ff-4ae7-96ee-b18c4790cffd&displaylang=en
6)      Remove the computer from the samba domain
7)      Restart the computer
8)      Logon as local administrator.
9)      Join the computer to the new AD domain
10)      Restart the computer
11)      Logon with a domain account with full admin rights
12)      Run moveuser again to move the local account to the domain account:
moveuser.exe LOCALACCOUNT AD_DOMAIN\ACCOUNT
13)      Logout
14)      Logon with the new AD account and see that all your setting is there
Notice: You cannot have an empty profile directory on the new domain server. If you have this the profile move will not success… the profile directory cannot exists.
0
 

Author Closing Comment

by:exsto
ID: 35117010
My own solution is the solution that cover the process and with this you can easy move a profile from samba to AD.
0
 

Author Comment

by:exsto
ID: 35117035
The process that I describe is ONLY for Windows XP. If you need to move a profile that’s on a Windows 7 computer you have to use the script:
http://tacklebox.cns.ohiou.edu/Moveuser/
more info at http://support.microsoft.com/kb/930955
0

Featured Post

Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you’re involved with your company’s wide area network (WAN), you’ve probably heard about SD-WANs. They’re the “boy wonder” of networking, ostensibly allowing companies to replace expensive MPLS lines with low-cost Internet access. But, are they …
In the absence of a fully-fledged GPO Management product like AGPM, the script in this article will provide you with a simple way to watch the domain (or a select OU) for GPOs changes and automatically take backups when policies are added, removed o…
Are you ready to implement Active Directory best practices without reading 300+ pages? You're in luck. In this webinar hosted by Skyport Systems, you gain insight into Microsoft's latest comprehensive guide, with tips on the best and easiest way…
In this video we outline the Physical Segments view of NetCrunch network monitor. By following this brief how-to video, you will be able to learn how NetCrunch visualizes your network, how granular is the information collected, as well as where to f…
Suggested Courses

926 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question