ForensiT Homepage
Forum Home Forum Home > ForensiT Support > Domain Migration
  New Posts New Posts RSS Feed - migrate profile without access to old domain
  FAQ FAQ  Forum Search   Events   Register Register  Login Login

migrate profile without access to old domain

 Post Reply Post Reply
Author
Message
bstotler View Drop Down
Newbie
Newbie


Joined: 20 Nov 2007
Location: United States
Status: Offline
Points: 3
Post Options Post Options   Thanks (0) Thanks(0)   Quote bstotler Quote  Post ReplyReply Direct Link To This Post Topic: migrate profile without access to old domain
    Posted: 20 Nov 2007 at 11:21pm
I'm trying to use the User Profile Wizard Deployment Kit but when I run the script that gets generated it says 0 accounts will be migrated.
 
The old domain is not accessable to the systems being migrated and I noticed the script is trying to do a sid lookup of the old account.  How can I get around this?  It was my understanding that a connection to the old domain or being joined to it was not required to migrate the profiles.
 
How can I get the wizard to generate a script that will just look at the existing profiles without comparing sids and migrate them if the name is found in the lookup file?
 
Back to Top
Support View Drop Down
Moderator Group
Moderator Group


Joined: 09 Nov 2006
Location: United Kingdom
Status: Offline
Points: 1844
Post Options Post Options   Thanks (0) Thanks(0)   Quote Support Quote  Post ReplyReply Direct Link To This Post Posted: 21 Nov 2007 at 10:07am
Hi,
 
Access to the old domain is definitely not required. However, where the old domain is no longer accessible the workstation should still be joined to the old domain so that the old account name can be resolved to a SID locally.
 
Neither the script generated by the Deployment Kit, nor User Profile Wizard itself works by comparing SIDs. If the script is saying "0 accounts will be migrated" you haven't got to the point where any user accounts are being resolved to SIDs. The script is saying it can't find any accounts matching the old domain name. Check the old domain name that you have specified.
 
If you continue to have problems, please email support@ForensiT.com
 
 
 
 
Back to Top
bstotler View Drop Down
Newbie
Newbie


Joined: 20 Nov 2007
Location: United States
Status: Offline
Points: 3
Post Options Post Options   Thanks (0) Thanks(0)   Quote bstotler Quote  Post ReplyReply Direct Link To This Post Posted: 21 Nov 2007 at 5:07pm
That's interesting, because in another post Support responded to a similar question with the following response and specifically said being joined to the old domain is not necessary. 
 
 
No Access to Previous Domain Gaprofitt 1 152 29 May 2007 at 8:42pm
"User Profile Wizard does not need to access the old domain. Things are easier if the workstations are still joined to the old domain (even if it is not available) because that means user names can be resolved to SIDs locally, but even this isn't necessary."
 
So if I don't have access to the old domain and I've joined the new one the script will never be able to resolve the SID and compare old\new domain.   So will the generated script work in this situation?  I can do it if I use the GUI so I know it can be done, it seems some logic is missing from the vbscript.
Back to Top
Support View Drop Down
Moderator Group
Moderator Group


Joined: 09 Nov 2006
Location: United Kingdom
Status: Offline
Points: 1844
Post Options Post Options   Thanks (0) Thanks(0)   Quote Support Quote  Post ReplyReply Direct Link To This Post Posted: 21 Nov 2007 at 8:15pm
During the migration the old domain user name has to be mapped to its SID. If the machine is still joined to the old domain this is trivial (even if the old domain is not available.)

If the machine is already joined to the new domain and the old domain account cannot be resolved to its SID, then you can specify the original user SID directly. You can do this by passing the SID in the /LOCALACCOUNT parameter on the command line, or by modifying a script to use SIDs. This is more difficult, but it can be done, so it isn't necessary for the workstation to still be joined to the old domain.

Where possible we would strongly advise you to use the Wizard to migrate your workstations to the new domain and not join the workstations to the new domain first - it's just easier.

 
Back to Top
bstotler View Drop Down
Newbie
Newbie


Joined: 20 Nov 2007
Location: United States
Status: Offline
Points: 3
Post Options Post Options   Thanks (0) Thanks(0)   Quote bstotler Quote  Post ReplyReply Direct Link To This Post Posted: 21 Nov 2007 at 9:49pm
Thanks for the feedback. 
I was able to modify the script to use SIDs and it seems to be working. 
Back to Top
 Post Reply Post Reply
  Share Topic   

Forum Jump Forum Permissions View Drop Down

Forum Software by Web Wiz Forums® version 12.03
Copyright ©2001-2019 Web Wiz Ltd.

This page was generated in 0.109 seconds.