0

We have a forest SiteA

We have child domains SiteB SiteC SiteD

We have a few users who are on SiteB and need to be migrated over to SiteC.

We used to be setup like SiteB.Comapnyname.local\USERNAME for login. But we are are moving to Office 365, users have been moved to firstname.lastname@comapnyname.com

Before i would just make the same users domain on Domain SiteC the same as SiteB.

I cant do this now as the firstname.lastname@companyname.com login already exists so i cant make it on the other domains.

I have Server 2012 on SiteB and Server 2008 on SiteC

Is there a way i can migrate from SiteB to SiteC ??

I have read about ADMT but doesnt work on 2012 and 2008 as far as i can tell.... any suggestions?

RedPacketSecurity
  • 11
  • 1
  • 1
  • 6
    Wow. You're just doing this so wrong, it might not be possible to untangle. [For starters, Active Directory contains objects called sites](http://serverfault.com/a/570486/118258). You should probably be using sites for your sites, and not domains. I would start by fixing/replacing/migrating your existing domain tangle to a setup that has it being done right. – HopelessN00b Mar 19 '14 at 15:34

2 Answers2

3

From what you're describing you really, really, REALLY need to rearchitect your AD design.

Like HopelessN00b pointed out, Active Directory has a concept of a "site", which is the correct logical representation of sites within the same company (domain of control). Your AD should also be properly scoped (as ad.mycompany.com or something similar).

Properly using sites and a subdomain for AD means that your users don't have to have (and manage) multiple accounts for each site (I'm shocked that your users are putting up with that), nor do you have to create new user accounts when people move from one site to another or deal with potential naming conflicts on your external (public) domain - the users' credentials are unique within your AD domain, and work everywhere within the domain so everyone is happy.

Restructuring your domain is going to be a lot of work. I suggest you hire a consultant with AD experience to help you do it right.
In the interim I'm afraid I don't know of any supported way to do what you're asking in terms of account-shuffling, but maybe someone else with more recent Windows experience can chime in with a suggestion.

Community
  • 1
voretaq7
  • 79,879
  • 17
  • 130
  • 214
  • 1
    it is set as is, and my manager wants it kept that way so i dont have the option of re-jigging the AD structure. They are child domains as they are different companies under one forest. On a MPLS network. – RedPacketSecurity Mar 19 '14 at 15:55
2

I have read about ADMT but doesnt work on 2012 and 2008 as far as i can tell.... any suggestions?

This is no longer the case. You can install the latest ADMT 3.2 and PES 3.1 bits on 2012 and 2012 R2 as well as migrating to 2012/2012 R2 based domains with it. This is your tool of choice.

That said, as @voretaq7 has pointed out, you seem to have larger architectural challenges that should be addressed beforehand, but once you do settle on how you'd like to restructure, ADMT is capable.

MDMarra
  • 100,734
  • 32
  • 197
  • 329