Solved

Export Groups from old AD (windows 2000) and import into Windows 2012 AD

Posted on 2015-01-23
3
314 Views
Last Modified: 2015-01-23
hi guys

I'm transferring people from an old system on to a new one.

The old domain is on Windows 2000 and I wanted to know how I could export all of the distribution groups and security that exist there and then have them re-imported into the new AD environment on 2012?

Otherwise it would mean having to go in and create things manually!

Thanks for your help
Yashy
0
Comment
Question by:Yashy
3 Comments
 
LVL 25

Accepted Solution

by:
Mohammed Khawaja earned 250 total points
ID: 40566081
If you wish to migrate users, groups and potentially passwords then use ADMT (AD Migration Tools) and move objects across domains.

If that is not what you wish to do then you could use LDIFDE or CSVDE utilities to export the required objects.  Refer to following links for more info:

https://technet.microsoft.com/en-ca/library/cc731033.aspx
https://technet.microsoft.com/en-us/library/cc732101.aspx
0
 
LVL 3

Assisted Solution

by:Waddah Dahah
Waddah Dahah earned 250 total points
ID: 40566085
Hello Yashy,

well you can use the free built-in tool LDIFDE or create a VBScript or a third party tool,

if you want to use LDIFDE tool try the following;

 Export Groups (only groups with members) from Source Domain
a.    Syntax:

ldifde -f c:\LDIFDE_export\export_Groups_WITH_Members.ldf -s <DC NAME> -d "<DOMAIN DN>" -p subtree -r "(&(ObjectCategory=group)(objectClass=group)(name=*)(member=*))" -l "member" -j c:\

Modify Process:
Search / Replace all exported data sets.  Search for old domain name DN and replace with new domain DN.  You will have to "massage" the exported data sets to properly format them so they can be used as the import source data sets.  The LDIFDE export process adds extraneous carriage return line feeds (0d0a) to the data sets.  You will have to remove those with your favorite hex editor.

Import process:

Import Groups members to destination domain
a.      Syntax:

ldifde -i -k -f c:\import\export_Groups_WITH_Members.ldf -s <domaincontroller> -v –j c:\<destinationdir>

Note: All imported users will be disabled.  This process does not import user passwords.  You will want to run a script that will set the flag to force all users to change their passwords upon initial authentication.

Third party tool;

this tool will help you to export the data from AD only.

http://www.dovestones.com/active-directory-export/

I hope this will help.
Waddah.
0
 
LVL 1

Author Closing Comment

by:Yashy
ID: 40566098
Much thanks guys.

I'll go ahead and configure the ADMT server right now!:) Good to know the LDIFDE command too. Cheers
0

Featured Post

Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The reason that corporations and businesses use Windows servers is because it supports custom modifications to adapt to the business and what it needs. Most individual users won’t need such powerful options. Here I’ll explain how you can enable Wind…
Is your Office 365 signature not working the way you want it to? Are signature updates taking up too much of your time? Let's run through the most common problems that an IT administrator can encounter when dealing with Office 365 email signatures.
In this Micro Tutorial viewers will learn how they can get their files copied out from their unbootable system without need to use recovery services. As an example non-bootable Windows 2012R2 installation is used which has boot problems.
This tutorial will walk an individual through the process of installing of Data Protection Manager on a server running Windows Server 2012 R2, including the prerequisites. Microsoft .Net 3.5 is required. To install this feature, go to Server Manager…

919 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now