Solved

Move user profile from Samba to Windows 2008 AD

Posted on 2011-02-18
11
2,598 Views
Last Modified: 2012-05-11
We are planning a migration from an environment in which approximately 400 workstations are connected to a Samba based domain. The Samba version is 3.5.4 and we are now planning for migrating these workstations to an Active Directory domain with Windows Server 2008 R2 functional level. In our Samba domain, users have roaming profiles and in the 2008R2 domain there should also be roaming profiles. Hence, we need to be able to move the user profiles from the Samba domain to the 2008R2 domain in the easiest way possible.

We have been looking into some different tools for performing this migration, including Microsoft Active Directory Migration Tool (ADMT) in version 3.2, 3.1 and 3.0. As for 3.2 and 3.1, they both have been claiming that they don't support lecacy domains such as Windows 2000 or NT4, as soon as we have tried to connect to the Samba domain.

What are the potential solutions for this migration? Have anyone of you successfully migrated in an equivalent or similar scenario?

Any input much appreciated.
0
Comment
Question by:exsto
  • 5
  • 3
11 Comments
 
LVL 29

Assisted Solution

by:pwindell
pwindell earned 400 total points
ID: 34943524
Roaming Profiles are replicated profiles.
So there is a local copy of the profile on the workstation.   Start it up without a network cable an you'll see.

Just set the profile to not be roaming and the workstation will use the local copy.

Migrate the machine and get the new user account in the new domain using the correct profile,..then make it roaming again after that and it will make a replica on the new Server.
0
 

Author Comment

by:exsto
ID: 34964024
Thanks for your idea but I have tried this, that’s why it has taken some time to answer, and it does not work or I do something wrong.

This is what I did:
1)      Set the profile to use local profile
2)      I can log on to the account even if connection to the domain is down
3)      Remove it from the current domain controller (Samba) and set the PC in a workgroup
4)      After that I can’t log on with the previous domain account
5)      Connect the PC to the new Windows 2008 AD domain controller
6)      Log on with the old domain account and now it goes wrong, it creates a brand new empty profile and don’t use the local profile from the old domain account.
0
 
LVL 29

Accepted Solution

by:
pwindell earned 400 total points
ID: 34964373
1. Correct
2. Correct
3. Correct
4. That is the way it is supposed to be
5. Correct
6. Log in with the NEW Domain Account and allow it to create a NEW blank fresh profile
7. Copy the contents from the old Profile intot he New one (My Docs, Favorites, Desktop, Cookies, etc)
8. Reconfigure email, import email from old lacation into the new profile if it was stored locally.  If it is an Exchange Server then you only need to configure the Account.
9. Set the Profile back to be a Roaming Profile.
0
Connect further...control easier

With the ATEN CE624, you can now enjoy a high-quality visual experience powered by HDBaseT technology and the convenience of a single Cat6 cable to transmit uncompressed video with zero latency and multi-streaming for dual-view applications where remote access is required.

 
LVL 29

Assisted Solution

by:pwindell
pwindell earned 400 total points
ID: 34964400
Note that in the new Domain it is a New Account.  A Migration does not move an Account.  Even with migrating between two Windows Domains all it does is "copy" the Account,...while the old Account remains in the old Domain and it not "damaged" by the process.
0
 

Author Comment

by:exsto
ID: 34964440
Thanks again, I will try it again and get back... :)
0
 
LVL 18

Assisted Solution

by:TobiasHolm
TobiasHolm earned 100 total points
ID: 34968896
Hi!

Try using "Microsoft Windows User State Migration Tool (USMT)" instead. It's a tool for copying/migrate user profiles in Windows.

Ref: http://technet.microsoft.com/en-us/library/cc748915%28WS.10%29.aspx#BKMK_M1

Regards, Tobias
0
 

Author Comment

by:exsto
ID: 35116993
To move an account from Samba to a new AD domain in Win 2008R2 you have to do this in two steps. 1) Move the account from the old Samba domain to a local account. Remove the computer from the samba domain. 2) Join the computer to the new domain and run moveuser again.
In this way we can keep all the settings (even settings for non-Microsoft software) and files in the profile intact. It’s fast (if your profile is not so big). But it’s a manual process…  
Details:
1)      Logon as local administrator.
2)      Create a local account, exactly as the Samba domain account with same password
3)      Restart the computer
4)      Logon as local administrator.
5)      Run moveuser to move the samba account to the local account:
moveuser.exe  SAMBADOMAIN\ACCOUNT  LOCALACCTOUNT
get moveuser from http://www.microsoft.com/downloads/en/details.aspx?FamilyID=9d467a69-57ff-4ae7-96ee-b18c4790cffd&displaylang=en
6)      Remove the computer from the samba domain
7)      Restart the computer
8)      Logon as local administrator.
9)      Join the computer to the new AD domain
10)      Restart the computer
11)      Logon with a domain account with full admin rights
12)      Run moveuser again to move the local account to the domain account:
moveuser.exe LOCALACCOUNT AD_DOMAIN\ACCOUNT
13)      Logout
14)      Logon with the new AD account and see that all your setting is there
Notice: You cannot have an empty profile directory on the new domain server. If you have this the profile move will not success… the profile directory cannot exists.
0
 

Author Closing Comment

by:exsto
ID: 35117010
My own solution is the solution that cover the process and with this you can easy move a profile from samba to AD.
0
 

Author Comment

by:exsto
ID: 35117035
The process that I describe is ONLY for Windows XP. If you need to move a profile that’s on a Windows 7 computer you have to use the script:
http://tacklebox.cns.ohiou.edu/Moveuser/
more info at http://support.microsoft.com/kb/930955
0

Featured Post

Migrating Your Company's PCs

To keep pace with competitors, businesses must keep employees productive, and that means providing them with the latest technology. This document provides the tips and tricks you need to help you migrate an outdated PC fleet to new desktops, laptops, and tablets.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When you try to share a printer , you may receive one of the following error messages. Error message when you use the Add Printer Wizard to share a printer: Windows could not share your printer. Operation could not be completed (Error 0x000006…
A project that enables an administrator to perform actions within a user session context not just at the time of login but any time later on day(s) or week(s) later.
This tutorial will show how to configure a single USB drive with a separate folder for each day of the week. This will allow each of the backups to be kept separate preventing the previous day’s backup from being overwritten. The USB drive must be s…
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …

830 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question