Step-by-Step Guide: Microsoft Active Directory Migration Tool

The Microsoft Active Directory Migration Tool (ADMT) is a free, legacy utility developed by Microsoft to help domain administrators safely move directory objects between Windows Server Active Directory domains.

Core Capabilities

Object Migration: Moves users, groups, computer accounts, and service accounts smoothly.

Two Migration Types: Supports intra-forest migrations (restructuring domains within the same forest) and inter-forest migrations (moving objects between completely separate forests).

Security Translation: Automatically fixes access control lists (ACLs) on file shares and translates local user profiles so users retain access to their files and settings after moving.

SID History Mapping: Clones the old security identifier (SID) to the new account, allowing users to access resources in the old domain during the transition period.

Common Use Cases

Organizations primarily use ADMT during major structural changes:

Mergers & Acquisitions: Consolidating multiple separate company networks into a single, unified domain.

Divestitures: Splitting off parts of an Active Directory structure into a completely new company forest.

Domain Consolidation: Cleaning up and reducing the number of child domains inside an existing corporate network to lower maintenance overhead.

Key Prerequisites

Before running an ADMT migration, administrators must prepare the following components:

SQL Server Database: ADMT requires a SQL Server instance (such as SQL Server Express) to save configuration details and track migration data.

Domain Trust: A functional, verified trust relationship must exist between the source and target domains.

DNS Resolution: Clean name resolution must be configured across both networks so they can seamlessly locate each other’s domain controllers.

Administrative Rights: The operator needs domain administrator privileges in both the source and target environments.

Crucial Limitations & Modern Context

While ADMT is highly reliable for standard account moves, it is a legacy application with notable caveats:
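
The SID History Mapping capability listed earlier stores the source account's SID in the sIDHistory attribute of the migrated object. The PowerShell below is an added example, not part of the original guide or of ADMT itself: it inventories those values in the target domain and marks the ones that deserve a closer look. It assumes the ActiveDirectory RSAT module; the source-domain SID is a constructed placeholder and the RID threshold of 1000 is a review heuristic chosen for this example.

```powershell
# Added example, not from the original guide: inventory sIDHistory values left by a migration.
# Assumes the ActiveDirectory module (RSAT) and read access to the target domain.
Import-Module ActiveDirectory

# Placeholder (constructed): replace with the SID of the source domain you migrated from.
$ExpectedSourceDomainSid = 'S-1-5-21-1111111111-2222222222-3333333333'
$LocalDomainSid = (Get-ADDomain).DomainSID.Value

$report = foreach ($obj in Get-ADObject -LDAPFilter '(sIDHistory=*)' -Properties sIDHistory) {
    foreach ($raw in $obj.sIDHistory) {
        # Normalise to SecurityIdentifier whether the value arrives as bytes or as a SID object.
        $sid = if ($raw -is [byte[]]) { [Security.Principal.SecurityIdentifier]::new($raw, 0) } else { [Security.Principal.SecurityIdentifier]"$raw" }

        # AccountDomainSid is $null for SIDs that are not domain-relative (for example S-1-5-32-544).
        $domainSid = if ($sid.AccountDomainSid) { $sid.AccountDomainSid.Value } else { '' }
        $rid = [uint32](($sid.Value -split '-')[-1])

        $flags = @()
        # A historic SID from the object's own domain is not what a cross-domain migration produces.
        if ($domainSid -eq $LocalDomainSid)          { $flags += 'same-domain SID' }
        # Anything that does not come from the domain that was migrated needs an explanation.
        if ($domainSid -ne $ExpectedSourceDomainSid) { $flags += 'unexpected source domain' }
        # RIDs below 1000 belong to built-in and well-known principals (heuristic for this example).
        if ($rid -lt 1000)                           { $flags += 'built-in or well-known RID' }

        [pscustomobject]@{
            Name        = $obj.Name
            ObjectClass = $obj.ObjectClass
            HistoricSid = $sid.Value
            Review      = $flags -join '; '
            DN          = $obj.DistinguishedName
        }
    }
}

# Flagged entries first, then the expected ones to revisit when the transition period ends.
$report | Sort-Object { $_.Review -eq '' }, Name | Format-Table -AutoSize -Wrap
```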
