RE: NT4 domain password migration to 2003 AD domain

Hello,

Thanks for your post.

You described that you want to change the settings in 2003 test domain to
allow non complex password in order to migrate user accounts from NT4
domain to a new 2003 AD domain. Do you mean there is a password option
when migrating user account?

Based on my experience, you can use the following two options to migrate
password:

Option 1: Use ADMT migration user wizard
========================================

When you migrate from NT4 to 2003, in User Account Migration Winzard, there
is a Password Options, under What type of password do you want to use? You
can choose Complex password or Same as user name. If you choose complex
password, the new passwords in 2003 domain will use the complex password
and if you choose Same as user name, these passwords will same as user name
after migration.

And under the two options, the new passwords in 2003 will be generated and
there is a Location to store these new passwords in a password file that
you need to choose which location you will store the password.txt. After
migration, the password.txt file will be created under the location you
have chosen. When a user account logs on the new domain at the first time,
it will prompt to change password, and ask you to enter the old password at
first then enter the new password you want to use. At this time, the old
password is in the password.txt file which is created after migration.

Note: I have caught a screen shot of the above description in migration
user wizard named MigratePW.jpg and paste it here.

Opinion 2: Create .pes file and migrate the password
=======================

You can refer to the following KB article to migrate the old password in
NT4 domain to 2003 domain:

How to configure the Active Directory Migration Tool to migrate user
passwords from a Windows NT 4.0 domain to a Windows Server 2003 domain
http://support.microsoft.com/default.aspx?scid=kb;en-us;832221

This step you need perform before migrate user account and then choose the
third option which is Migrate Password in screen shot.

After performing this step in KB, it will create a .pes file and the old
domain passwords will be stored in this file. While you are running User
Account Migration Wizard by using ADMT, you should choose the option of
Migrate password and the old password in NT4 will migrate to new domain.

NOTE: After migration, the user will be promoted/require to change their
password when they first logon to the win2k3 domain in spite of you use
option1 or option 2. Therefore, please change their password when they
first logon to the win2k3 domain.

HTH!

Thanks & Regards

Amanda Wang [MSFT]

Microsoft Online Partner Support

Get Secure! - www.microsoft.com/security

====================================================================

When responding to posts, please "Reply to Group" via your newsreader so
that others may learn and benefit from your issue.

=====================================================================

--------------------
>Thread-Topic: NT4 domain password migration to 2003 AD domain
>thread-index: AcVX1597swdxExopTwaxXFiUTKkjJA==
>X-WBNR-Posting-Host: 4.14.95.153
>From: =?Utf-8?B?UEpUdXJr?= <PJTurk@xxxxxxxxxxxxxxxxxxxxxxxxx>
>Subject: NT4 domain password migration to 2003 AD domain
>Date: Fri, 13 May 2005 09:20:05 -0700
>Lines: 10
>Message-ID: <8F0C3B06-F186-497B-95A6-6CD561CD2198@xxxxxxxxxxxxx>
>MIME-Version: 1.0
>Content-Type: text/plain;
> charset="Utf-8"
>Content-Transfer-Encoding: 7bit
>X-Newsreader: Microsoft CDO for Windows 2000
>Content-Class: urn:content-classes:message
>Importance: normal
>Priority: normal
>X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.0
>Newsgroups: microsoft.public.windows.server.migration
>NNTP-Posting-Host: TK2MSFTNGXA03.phx.gbl 10.40.2.250
>Path: TK2MSFTNGXA01.phx.gbl!TK2MSFTNGXA03.phx.gbl
>Xref: TK2MSFTNGXA01.phx.gbl microsoft.public.windows.server.migration:10168
>X-Tomcat-NG: microsoft.public.windows.server.migration
>
>I have been trying to change the settings of a 2003 test domain to allow
non
>complex passwords in preparation of manual migration of user accounts from
a
>NT4 domain to a new 2003 AD domain. I have followed all of the app notes
on
>changing of GPO but have not been successful in allowing non complex
>passwords in the 2003 domain. I am confused and need to have this working
so
>I can succussfully migrate the accounts. Help is appreciated.
>
>Thanks
>--
>Patrick
>

.

Relevant Pages

  • RE: Data migration without trusts
    ... Each user account has a unique SID, and the NTFS authorization is based ... which mainly consists of SID ... not their SIDs directly when viewing the NTFS permissions? ... In addition, as for user profile, the USFT (User State Migration Tool) is ...
    (microsoft.public.windows.server.migration)
  • Re: Upgrading from NT 4.0 to Server 2003
    ... In-place upgrade of the NT domain to AD ... SID of the security principals (user, groups and computers does not change. ... and a migration tool like ADMT is also not needed. ... existing NT4 domain. ...
    (microsoft.public.windows.server.active_directory)
  • The target domain is not native mode - Query
    ... I am currently working on our NT4 Domain to W2K3 AD Domain migration ... Does that mean that I must set my W2K3 AD domain to native mode? ... access my NT4 Domain server via the current 2-way trust relationship? ... Windows Server 2003? ...
    (microsoft.public.windows.server.migration)
  • RE: ADMT Question / Migration Question
    ... >we need to touch the clients too in the same row? ... It is recommended to perform the migration in the following order: ... is the old user account left in the NT4 Domain or do ... >c.) read the ADMT white paper, but still not sure: ...
    (microsoft.public.windows.server.migration)
  • Re: ADMT Question / Migration Question
    ... > Hi Roger, ... > history), i think ... > It is recommended to perform the migration in the following order: ... > User Account ...
    (microsoft.public.windows.server.migration)
Quantcast