RE: interesting migration scenario
- From: Ryan Hanisco <RyanHanisco@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Tue, 26 Jun 2007 15:26:00 -0700
Matt,
SIDHistory doesn't (or didn't in 2000) persist multiple values so you would
lose the original SID and only have the intermediate SID in the final
location. This may have changed with some of the schema changes done in
2003, but I have run into this problem before in multi-domain joins.
If you are just moving Accounts and Groups, I think the risk is lower doing
the intra-forest migration with ADMT. This works well and risk can be
managed.
In any case, the key here is testing and grouping your migrations into
smaller, manageable waves.
Best wishes,
--
Ryan Hanisco
MCSE, MCTS: SQL 2005, Project+
Chicago, IL
Remember: Marking helpful answers helps everyone find the info they need
quickly.
"matt_heff" wrote:
I am trying to relocate an OU from a 2003 child domain to another 2003 child.
domain in the same forest. I do not wish to do an intra-forest migration
because this will MOVE the OU from one domain to the other. I would rather
the OU is COPIED over to the other domain, maintaining SID history of course,
(so it is easier to roll back if necessary) but this is only possible in
inter-forest migrations.
So, I plan to migrate (copy) my OU out to a temp domain in a separate
forest, and then migrate (copy) it again to the target child domain back in
the original forest. With the trusts in place, this should make
rollback a snap if necessary.
I'll use gpmc to copy the GPOs once the trusts are in place.
Has anyone ever tried this or know an easier way to do this?
Thanks,
Matt
- Follow-Ups:
- RE: interesting migration scenario
- From: Ryan Hanisco
- RE: interesting migration scenario
- Prev by Date: RE: shared Folder permissions - No Read/Write Access for Admins
- Next by Date: Security issue?
- Previous by thread: RE: shared Folder permissions - No Read/Write Access for Admins
- Next by thread: RE: interesting migration scenario
- Index(es):
Relevant Pages
|
