Re: ADMT ADClean
- From: "jremmc" <jremmc@xxxxxxxxxxxxxx>
- Date: Wed, 20 Jul 2005 13:20:30 -0400
Hi Lee,
Here is the link to the blog that I mentioned in my previously posted
response.
http://blogs.technet.com/exchange/archive/2005/01/21/358240.aspx
"Lee Li [MSFT]" <v-leeli@xxxxxxxxxxxxxxxxxxxx> wrote in message
news:1azbbARjFHA.3472@xxxxxxxxxxxxxxxxxxxxxxxx
> Hi Customer,
>
> I appreciate you taking time to write to us. However, I am afraid I am not
> quite clear about your concern. Let me explain as below.
>
> First of all, if your original intention is to migrate Exchange Server 5.5
> from one domain to Exchange Server 2000/2003 in another domain, the
> correct
> steps are as below.
>
> 1. Run ADMT to create active user accounts in your Active Directory.
> 2. Run Exchange Server Migration Wizard to move mailbox content from
> original Exchange Server to this new-created Exchange Server.
>
> Let me provide further explanation regarding this procedure.
>
> 1. First, actually, it is not necessary to run AD Cleanup Wizard
> (ADClean),
> which is used in the following scenario.
>
> If the ADC does not find matching User objects when it replicates the
> Exchange mailboxes to AD, it creates new disabled User accounts, and
> populates those with the mailbox attributes.
>
> Using ADMT Feature to Avoid Twin Accounts
> If you use the ADMT tool to migrate the NT4 accounts into the same domain
> where the ADC-created disabled accounts reside, you can instruct ADMT to
> merge the NT4 accounts directly into the existing accounts. This option in
> ADMT is called Replace conflicting accounts.
>
> Creating Twin Accounts
> Otherwise, if you upgrade the NT4 domain or use ADMT to migrate the NT4
> accounts to a different domain from the ADC-created disabled accounts,
> then
> you will be left with two User accounts in the Forest for each person you
> have migrated. The ADC disabled account contains the correct email
> attributes, while the other account contains the correct SID and is the
> one
> that should be used for log on.
> The solution is to copy the email attributes from the disabled account to
> the enabled account, and then delete the disabled account. The AD Cleanup
> Wizard performs this function.
>
> From the information above, you can see AD Cleanup Wizard is only used
> when
> you run Active Directory Cleanup before running ADMT. For inter-org
> migration, it is not necessary to run ADC first. And the recommended way
> is
> to run ADMT to migrate account as first step.
>
> 2. Even if you have followed Exchange Migration Wizard to move Exchange
> Information Store from Exchange Server 5.5 to Exchange Server 2000/2003,
> the Primary NT Account attribute for Exchange Server 5.5 mailbox will
> never
> change as new user account. Please understand if you perform inter-org
> migration, Exchange Server 5.5 and Exchange Server 2003 are located in
> totally different Active directory; Exchange Migration Wizard just let you
> copy Exchange Server 5.5 Information Store to Exchange Server 2003.
> Exchange Server 5.5 still has its own Primary NT Account. And the new
> mailbox in Exchange Server 2003 is associated to new user account in new
> domain.
>
> 3. The behavior that only old NT 4.0 user account can login new mailbox is
> caused by all of the permissions that are necessary for mailbox access
> were
> not migrated successfully during ADMT Migration.
>
> The solution for this scenario is just as you mentioned to modify
> permissions for the Active Directory users to include SELF rights. More
> info here:
>
> Active Directory Users Cannot Obtain Access to Mailbox After Upgrade from
> Exchange 5.5
> http://support.microsoft.com/?id=326018
>
> Meanwhile, I am afraid I have not heard about ADMT Exchange Directory
> Wizard. If you have further concern about ADMT Migration tool, since it is
> pure Active Directory Migration tool, if you have any further concern, it
> is better for you to submit your question in the newsgroup below, where a
> dedicated engineer will help you explain the usage of ADMT.
>
> microsoft.private.directaccess.win2003.activedirectory (for Windows 2000
> Server)
>
> microsoft.private.directaccess.win2000.activedirectory (For Windows Server
> 2003)
>
> Thanks for your understanding regarding this. Should there is anything we
> can help in the future, feel free to let me know. Thanks and have a nice
> day!
>
> Lee Li
>
> Microsoft Online Partner Support
> ?
> Get Secure! - www.microsoft.com/security
> ?
> =====================================================
> When responding to posts, please "Reply to Group" via your newsreader so
> that others may learn and benefit from your issue.
> =====================================================
> This posting is provided "AS IS" with no warranties, and confers no
> rights.
>
.
- Follow-Ups:
- Re: ADMT ADClean
- From: Lee Li [MSFT]
- Re: ADMT ADClean
- References:
- ADMT ADClean
- From: jremmc
- RE: ADMT ADClean
- From: Lee Li [MSFT]
- ADMT ADClean
- Prev by Date: Re: Error C1041724 when trying to mount a mailbox store
- Next by Date: exchange for intranet only (HELP)
- Previous by thread: Re: ADMT ADClean
- Next by thread: Re: ADMT ADClean
- Index(es):
Relevant Pages
|
