Improve company productivity with a Business Account.Sign Up

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 364
  • Last Modified:

Export Groups from old AD (windows 2000) and import into Windows 2012 AD

hi guys

I'm transferring people from an old system on to a new one.

The old domain is on Windows 2000 and I wanted to know how I could export all of the distribution groups and security that exist there and then have them re-imported into the new AD environment on 2012?

Otherwise it would mean having to go in and create things manually!

Thanks for your help
Yashy
0
Yashy
Asked:
Yashy
2 Solutions
 
Mohammed KhawajaManager - Infrastructure:  Information TechnologyCommented:
If you wish to migrate users, groups and potentially passwords then use ADMT (AD Migration Tools) and move objects across domains.

If that is not what you wish to do then you could use LDIFDE or CSVDE utilities to export the required objects.  Refer to following links for more info:

https://technet.microsoft.com/en-ca/library/cc731033.aspx
https://technet.microsoft.com/en-us/library/cc732101.aspx
0
 
Waddah DahahCommented:
Hello Yashy,

well you can use the free built-in tool LDIFDE or create a VBScript or a third party tool,

if you want to use LDIFDE tool try the following;

 Export Groups (only groups with members) from Source Domain
a.    Syntax:

ldifde -f c:\LDIFDE_export\export_Groups_WITH_Members.ldf -s <DC NAME> -d "<DOMAIN DN>" -p subtree -r "(&(ObjectCategory=group)(objectClass=group)(name=*)(member=*))" -l "member" -j c:\

Modify Process:
Search / Replace all exported data sets.  Search for old domain name DN and replace with new domain DN.  You will have to "massage" the exported data sets to properly format them so they can be used as the import source data sets.  The LDIFDE export process adds extraneous carriage return line feeds (0d0a) to the data sets.  You will have to remove those with your favorite hex editor.

Import process:

Import Groups members to destination domain
a.      Syntax:

ldifde -i -k -f c:\import\export_Groups_WITH_Members.ldf -s <domaincontroller> -v –j c:\<destinationdir>

Note: All imported users will be disabled.  This process does not import user passwords.  You will want to run a script that will set the flag to force all users to change their passwords upon initial authentication.

Third party tool;

this tool will help you to export the data from AD only.

http://www.dovestones.com/active-directory-export/

I hope this will help.
Waddah.
0
 
YashyAuthor Commented:
Much thanks guys.

I'll go ahead and configure the ADMT server right now!:) Good to know the LDIFDE command too. Cheers
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now