Domain Migration - Domain Migration over VPN

Domain Migration over VPN

Printed From: ForensiT
Category: ForensiT Support
Forum Name: Domain Migration
Forum Description: User Profile Wizard questions, suggestions, comments and bug reports
URL: https://forum.ForensiT.com/forum_posts.asp?TID=2516
Printed Date: 26 Mar 2026 at 10:52pm
Software Version: Web Wiz Forums 12.03 - http://www.webwizforums.com

Topic: Domain Migration over VPN

Posted By: Richard
Subject: Domain Migration over VPN
Date Posted: 02 Jul 2024 at 11:24am

Hi Team,

Looking for some documentation here on an automated domain migration while machine is VPN connected. Are there any documented steps for OLD to NEW Domain migrations while users are Remote/VPN connected ?

Replies:

Posted By: Support
Date Posted: 02 Jul 2024 at 12:52pm

Hi,

There is no difference to the process, other than the fact that if the remote computer is using a client established VPN you will need to cache the password to allow the user to log on to the new account for the first time after the migration, before network connectivity to the new DC has been established.

If you are using the Corporate Edition, you can configure the Wizard to cache a password by enabling the option on Step 9 of the Deployment Kit.

You will find more information on https://www.forensit.com/Downloads/User%20Profile%20Wizard%20Corporate%20User%20Guide.pdf#page=48" rel="nofollow - Page 48 of the User Guide.

If you have a problem, please can you contact us at Support@ with the config file, migration log and any further details regarding the problem and we'll be happy to help.

Many thanks,

Support.

Posted By: Richard
Date Posted: 03 Jul 2024 at 8:21am

Thank you for your quick reply.

Is the Windows Credential caching used for automatically connecting VPN or does the user need to login to Windows with the cached credentials and connect VPN manually for the domain join?

With regards to VPN connection, does it support VPN connections using device certificates instead of username/password ?

Posted By: Support
Date Posted: 03 Jul 2024 at 9:32am

Hi,

The sequence is that the Wizard migrates the profiles, unjoins the computer from the old domain, joins it to the new domain and then the computer is rebooted.

The password caching feature allows for a temporary password to be cached for the new account, so that the user can sign in to their new account for the first time. This is only required if connectivity to the new DC will not be available when the computer reboots after the migration. Therefore, if the computer has an 'always on' client VPN, password caching is not required.

This is a password caching feature to allow first logon when the DC is not available to authenticate the user, it does not affect or play any part in how the user or computer will authenticate with the VPN when they establish the VPN session after logging on to the new account.

After connectivity with the new DC has been established, Windows will cache the real password.

I hope this helps, if you have any further questions, please feel free to email us at support@

Many thanks,

Support.