ADMT (Active Directory Migration Tool) is an ideal utility for copying account information from
Exchange 5.5 and then 'pasting' the user attributes into Windows 2003's Active Directory.
If your situation is that the user accounts are in NT 4.0's SAM database and the mailboxes are
stored in Exchange 5.5, then ADMT can copy the information from the source
domain into Active Directory.
Where you need to maintain account synchronization, or transfer information
from different Exchange organizations, then ADC agreements would be the tool of
choice. However, ADMT allows for better roll-back, because if the accounts do not
copy properly, then users will still be able to log on to the NT 4.0 domain.
Remember that there are actually two separate operations, transferring the
user accounts from NT 4.0, then migrating the mailbox ACLs which are stored in
Exchange 5.5's Dir.edb. It surprised me that ADMT can also migrate the
passwords, so the users get a seamless transition to Exchange 2003.
Guy Recommends:
The SolarWinds Exchange Monitor
Here is a
free tool to monitor your Exchange Server. Download and
install the utility, then inspect your mail queues, monitor the Exchange
server's memory, confirm there is enough disk space and check the CPU
utilization. This is the real deal - there is no catch. SolarWinds
provides this fully-functioning product for free, as part of their commitment to
supporting the network management community.
The problem that you face, which ever method you use to move users from
NT 4.0 to Active Directory is this; users still need permissions in the old NT 4.0 domain.
SIDHistory is designed for just this situation. What happens is that
Active Directory adds an extra property to the users; effectively this means
they have two SIDs, one for NT and one for Active Directory. As a result of transferring
accounts with ADMT, the user
maintains their old NT 4.0 SID as well as gaining a security identifier for the
new domain. In practical terms, this means that users can still use shares
and printers in the old domain without any extra configuration by the
administrators.
As a practical point, the Windows 2003 (target domain) must be in native mode
before you can see an use the SIDHistory attribute.
Unlike Exchange itself, installing ADMT is easy, just break out the Exchange 2003 Server CD,
then navigate to the \i386\ADMT folder. Now execute admigration.msi.
ADMT provides a series of Wizards who will guide you through migrating the
individual users or groups from the NT 4.0 domain to the Windows Server 2003
Active Directory.
When you use ADMT I have three pieces of advice. Firstly, be sure that
you know which is the target domain, and which the source domain. Most
people find it easy, but just as some people have trouble with left and right,
so others have trouble with source (NT) and target (AD).
Secondly be prepared to run ADMT two or three times until you get just the
options and configuration that you want.
Finally, verify from Exchange 5.5 (NOT Exchange 2003) that in the Recipients
folder that the Primary Windows account now reflect the Active Directory name.
Bonus with ADMT - Migrating Profiles.
In addition to pure exchange tasks, I use ADMT to migrate user profiles
particularly on member servers. However, my preferred method to set up
roaming profiles before the migration, that way there is no problem and nothing
else needs to be done.
Guy Recommends: SolarWinds Engineer's Toolset v10
The Engineer's Toolset v10 provides a
comprehensive console of utilities for troubleshooting computer problems. Guy says
it helps me monitor what's occurring on the network, and the tools
teaches me more about how the system literally operates.
There are so many good gadgets, it's like having free rein of a
sweetshop. Thankfully the utilities are displayed logically: monitoring, discovery, diagnostic, and Cisco tools.
Download your copy of the Engineer's Toolset v 10
ADMT is an alternative to using ADC agreements for transferring user
information from Exchange 5.5 to Exchange 2003. Where you just need to
copy and paste users, then favour ADMT. Where you need to synchronise
accounts then choose ADC agreements. Another use of ADMT is to migrate
roaming profiles from NT 4.0 or Windows 2000, to Windows Server 2003.
The
extra features you get in your eBook include: 20 checklists to
plan your migration. Detailed instructions and advice on the best
strategy for your organization.
Lots of tips, recommendations and troubleshooting advice. Problem
solving section. Active Directory explained. Printer friendly
pages.
The
extra features you get in your eBook include: 20 checklists to
plan your migration. Detailed instructions and advice on the best
strategy for your organization.
