?
Solved

Moving user from child domain to parent domain

Posted on 2015-02-02
6
Medium Priority
?
1,902 Views
Last Modified: 2015-02-03
We are trying to move a user from a child domain ca.domain.com to the parent domain.com.
I was using the Active directory Migration tool and it seemed pretty straight forward until we got an error.

The error we got was
2015-02-02 13:54:27 ERR2:7422 Failed to move source object 'CN=John Doe'. hr=0x8007208c  The operation cannot be performed because child objects exist. This operation can only be performed on a leaf object.

Looking online it looks like this is because the user has an active sync device connected and we need to use ADSI edit to delete this before migrating.

The question I have is if we delete this active sync object from AD will the user have to setup email on their phone again or what can we do to make this seamless to the end-user?

Thanks
0
Comment
Question by:fixitben
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
6 Comments
 
LVL 25

Expert Comment

by:Mohammed Khawaja
ID: 40584911
You would need to setup email on the phone again.  Another way around this would be to use a MDM solution such as XenMobil, AirWatch, etc. where you can provision the devices remotely.
0
 
LVL 53

Accepted Solution

by:
Will Szymkowski earned 2000 total points
ID: 40585296
You do not need to use ADSIEdit to remove leaf objects. Simply Open Active Direcotry Users and Computers> Click View> select User,Contact, Groups and Computers as Containers. From there find the user expand the object and remove it from there.

This would be a safer way to remove the leaf object.

Also you will have to re-add the phone once this is removed.

Will.
0
 
LVL 7

Author Comment

by:fixitben
ID: 40585302
What do you mean by add the phone? Remove the account from the phone and set it up again? Would it be better to removed the account from the phone first then delete the leaf then add the account back on the phone.
0
Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

 
LVL 53

Expert Comment

by:Will Szymkowski
ID: 40585305
Removing the account from the phone first would be the easier approach. This way you can ensure that when you remove the entry from Active Directory it will not mess up the phone and give you problems trying to remove the account, without wiping it.

Will.
0
 
LVL 7

Author Comment

by:fixitben
ID: 40585331
Why can't you move the lead object?
0
 
LVL 7

Author Closing Comment

by:fixitben
ID: 40587396
Thanks for your help. I was able to remove the account from the phone then delete the leaf object and it worked great. One thing I didn't realize is you have to delete the exchange folder in AD not just the synced devices. If you removed the devices and leave the folder behind they are in it won't work.
0

Featured Post

Get real performance insights from real users

Key features:
- Total Pages Views and Load times
- Top Pages Viewed and Load Times
- Real Time Site Page Build Performance
- Users’ Browser and Platform Performance
- Geographic User Breakdown
- And more

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article will help to fix the below errors for MS Exchange Server 2013 I. Certificate error "name on the security certificate is invalid or does not match the name of the site" II. Out of Office not working III. Make Internal URLs and Externa…
Here's a look at newsworthy articles and community happenings during the last month.
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…
Suggested Courses
Course of the Month15 days, 15 hours left to enroll

741 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question