RE: migrating from 2003 to another 2003
- From: v-amanwa@xxxxxxxxxxxxxxxxxxxx (Amanda Wang [MSFT])
- Date: Thu, 05 May 2005 03:52:59 GMT
Hello,
Thanks for your post.
I understand when you try to migrate the password and contact the .pes
file, it says Access Denied. If I have misunderstood, please feel free to
let me know.
Based on my experience, I suggest you logon to the win2k3 server with the
admin privilege on both domains and refer to the following instructions to
mgirate accounts:
To enable support for password migration:
Part I: Target Domain
---------------------
Complete the following steps on the domain controller in the target domain
on which you installed ADMT:
1. Insert a 3.5-inch disk into the floppy disk.
2. Open a command prompt, and then change to the directory on which you
installed ADMT. By default, this is the %SystemRoot%\Program Files\ folder.
3. Type the following command to create the encryption key to be used
during the migration of the user account passwords
"admt key <SourceDomainName><FloppyDrive> [*/password]" (without the
quotation marks) where:
- The admt command is the name of the executable program.
- The key command specifies the generation of an encryption key.
- <SourceDomainName> is the NetBIOS name of the domain that contains the
passwords that you want to migrate.
- <FloppyDrive> is the drive letter of the floppy disk drive where the
encryption key will be written.
- [*/password] is optional; if you use it, you can encrypt the key with a
password. You can either type the password or you can type "*" (without the
quotation marks) to receive a prompt for a password that is not displayed
on the screen. If you type a password, you need to use it when you complete
the setup in the source domain.
Part II: Source Domain
----------------------
Complete the following steps on the PES in the source domain:
1. Double-click the Pwdmig.exe file that is located in the \i386 folder on
the Windows Server 2003 CD-ROM.
2. Insert the 3.5-inch disk that you created when you receive the following
message:
Please insert the floppy into the floppy disk containing the password
encryption key for this source domain. Click OK to continue.
3. Type the password when you are prompted, and then click OK.
4. Click Next.
5. Click Finish.
6. Click Start, click Run, type regedit, and then click OK.
7. Locate the AllowPasswordExport registry value in the following registry
key:
HKLM\System\CurrentControlSet\Control\LSA
8. Double-click AllowPasswordExport.
9. Change the value "0" to "1", and then click OK.
10. Restart the computer for the settings to take effect.
The password migration solution in ADMT was designed to provide a secure
general solution to password migration. Here are the key features of this
solution:
!$ The password export server (PES) works on Windows NT 4.0 domain
controllers (including systems that have SYSKEY installed), on Windows 2000
domain controllers, and on Windows Server 2003 domain controllers.
For more references:
How to Troubleshoot Inter-Forest Password Migration with ADMTv2
http://support.microsoft.com/default.aspx?scid=kb;en-us;322981
HTH!
Thanks & Regards
Amanda Wang [MSFT]
Microsoft Online Partner Support
Get Secure! - www.microsoft.com/security
====================================================================
When responding to posts, please "Reply to Group" via your newsreader so
that others may learn and benefit from your issue.
=====================================================================
--------------------
>Thread-Topic: migrating from 2003 to another 2003
>thread-index: AcVQipe56SftJWK4S5OfZwBAIeG3Lg==
>X-WBNR-Posting-Host: 193.5.153.22
>From: "=?Utf-8?B?aW1lcmljbyBzYWNoYQ==?=" <imerico
sacha@xxxxxxxxxxxxxxxxxxxxxxxxx>
>Subject: migrating from 2003 to another 2003
>Date: Wed, 4 May 2005 02:21:03 -0700
>Lines: 10
>Message-ID: <BFAAA7F7-A5BF-434F-81B2-C8D2B5FFBD8A@xxxxxxxxxxxxx>
>MIME-Version: 1.0
>Content-Type: text/plain;
> charset="Utf-8"
>Content-Transfer-Encoding: 7bit
>X-Newsreader: Microsoft CDO for Windows 2000
>Content-Class: urn:content-classes:message
>Importance: normal
>Priority: normal
>X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.0
>Newsgroups: microsoft.public.windows.server.migration
>NNTP-Posting-Host: TK2MSFTNGXA03.phx.gbl 10.40.2.250
>Path: TK2MSFTNGXA01.phx.gbl!TK2MSFTNGP08.phx.gbl!TK2MSFTNGXA03.phx.gbl
>Xref: TK2MSFTNGXA01.phx.gbl microsoft.public.windows.server.migration:10000
>X-Tomcat-NG: microsoft.public.windows.server.migration
>
>hi to all, i realy need hepl. i need to migrate user between 2 windows
server
>2003 domains. When i try to migrate only the users (With ADMTv2) all is
ok.
>but when i tray to migrate the password i cant. i tryed to install the
>password export server on the source server. but when i try to contact it
it
>say Acces denied. I configured the PES like the documentation i found on
the
>microsoft site, but still dont work.
>
>can you helpme ?
>
>PS sorry for my english
>
.
- References:
- migrating from 2003 to another 2003
- From: imerico sacha
- migrating from 2003 to another 2003
- Prev by Date: RE: Consolidating different 2003 forests
- Next by Date: RE: Migrating some domain controllers from 2000 to 2003...
- Previous by thread: migrating from 2003 to another 2003
- Next by thread: RE: Problem with DC after 2003 SBS to 2003 Std. migration
- Index(es):
Relevant Pages
|
