Move AD Users to another domain in Active Directory

Video Statistics and Information

Video
Captions Word Cloud
Reddit Comments
Captions
in this video I'm going to show you how to move users from one active directory domain to another active directory domain so for this example I've got the source domain ad.actordirectory pro.com and then my destination domain it's a completely separate Forest they're not uh it's not a child domain and it's ad.networkfurge.com so on the source domain I'm going to use the Ad Pro toolkit I'm going to export the OU's the groups the users and then we'll use the toolkit on the destination domain to import all of those OU's groups and the users and then lastly I'll run through the Powershell commands that you can use to verify the number of users oh using groups on both source and destination domains will help you verify that everything has been moved it's really important [Music] when you go to import the users on the destination domain that you modify the CSV you need to add a password column and then if it's a different domain you need to change the uh the domain path and the user principal name and you can modify any other information that you need so let me jump in here so almost destination or my source domain you can see I've got a bunch of users bunch of OU's I've got a bunch of groups and then on my destination domain it's a completely brand new install there is no I have added no OU's groups or users so start we want to open up the toolkit and go to OU reports all organizational units and I'm going to click run and then export export this to a CSV file I will save this as ous now I want to export all of the groups come into group reports click all groups export export to CSV I gotta click run first okay now I'll export this to the CSV this is groups so now I want to export the users come in to export users and for this example I'm not going to export my entire domain it's it's a very large domain I've got like 10 000 users so I just want to do my management OU so I'll come into a pro users management and click run if you want to do your entire domain just leave entire domain selected you can see this is going to export a lot of information the group membership here's our principal name so yeah all this information will be exported and then you can import it to the new domain and after you export it if you don't want to import some of this stuff you can just remove any column that you don't want imported so exports users so now I will copy all of those exports to the new domain and then I'll open up the toolkit and we'll start with importing user so import OU's or import ous select the template click run and if I come into active directory refresh you'll see all of the OU's for my source domain are now created in my new domain so now I want to import groups so click on import groups select template I will click on the groups template and you can see it's got 667 records I got a bunch of groups so I'll click run okay it's finished and it said it's imported 618 groups out of 667. so the reason for the difference is it's not going to overwrite existing groups so by default the um when you create a new active directory domain it's going to have a bunch of built-in groups and those are not going to be overwritten so that's why there's a difference there from the CSV versus imported groups okay so I come into my new domain and go to my groups refresh you can see it's now imported all of these groups so the last step is to import the users but before you can do that we need to modify the CSV a little bit so you have to add a password column so we're importing new users so when you create a user it has to have a password so let me insert a password column all lower case and then just make up a password and then you need to modify if if your new domain is a different domain than your Source you need to modify the um the OU path because if it's a different domain this OU pass is not going to exist so for me my new domain is Network Verge so I'm just going to do a search and replace I want to find DC equals active directory Pro and I'm going to replace that with DC equals Network Verge so we'll just do a replace so now that OU path has been updated the next thing I want to update is the user principal name so again if if you're your source and destination are the same you can probably leave this as is but my destination is different so I'm going to change this from at active directory pro.com to at net workverge.com [Music] and you can you can change anything else you want you may want to change the SMTP addresses but this is just a test domain so I'm not going to bother about that and again you can remove you know if you don't want to do telephone numbers street addresses you can just delete these columns so with that we can now import all of these accounts so come into import users I'm going to select my template you can also click on import options by default the accounts will be enabled you can force password change or you can change the last the name to be last name first name by default it is first name last name so I'm going to select my template okay I have to start that over because I I started the import on my Source domain so all the accounts existed so select my template import users click run and this will take several minutes you will see some errors and that's because it's trying to add the users to The Domain users Group which when you add a account to a domain it does that by default so it's already there but any of the tool also tries who does it and it are it's already a member of that uh group so it's still going to error just for that so I'll pause this because this takes several minutes depending on how many users you have okay the import is complete so pull up action directory so I'll come into a pro users refresh my management OU and there's all of the users so if I open up one up you can see it's got all the information that is from The Source domains the telephone numbers email address information number of you can see it added to the users to all the groups um and that's it so now I've got um basically a duplicated uh active directory domain from one domain to another domain I've imported all of the OU's groups and then I imported some users so now let's open up Powershell and we'll verify a few things so first let's check the number of users and I'm doing this on the OU my management OU so I'll select this and run it says 601 users so let me copy over to my other domain oh I gotta change I'm going to change the path because that's still pointing to active directory Pro so if you want to find the distinguished name you can just right click on the OU I'm going to turn the advanced features on and then I want this distinguished name okay now let's run this 600 to 1. so let's go back and check the number of groups or I'll do OU's run selection 55 groups and selection 667. so on my destination domain 55 and then groups 666. and that's because on my source domain it's got the Microsoft Exchange schema installed so it's got some an exchange group so that that didn't import on my destination domain because I don't have the schema on there so that is pretty much that is it um I will paste a lot of this information into the notes and I'll also link to an article that walks through all of this so on my website let's go to move users and I've got this article um I've got this video all written out step by step so if you don't if you missed something in the video or if you like reading steps to an article I've got it all laid out here in addition I've got the Powershell commands that you can copy and paste so that is it um to be clear this isn't really a migration because you're not migrating SIDS you're not migrating user profiles or computer accounts you're basically just exporting all the information from one active director domain and importing it into another domain it also will not move passwords I get that question a lot you can't export passwords from the domain and import it into another one it's going to create a brand new password for the account so that's it if you have questions please put them in the comment session section or you can send me an email thanks for watching
Info
Channel: Active Directory Pro
Views: 11,481
Rating: undefined out of 5
Keywords: active directory, windows server, powershell, user management, active directory tools
Id: lJOX0GBnen4
Channel Id: undefined
Length: 13min 9sec (789 seconds)
Published: Mon Sep 04 2023
Related Videos
ADMT (Active Directory Migration Tool) - ADMT 3.2 Step by Step Installation and Migration Full
Labs Hands On
140K
Step by Step Guide to Migrate Active Directory from server 2012 R2 to Server 2016
MSFT WebCast
90K
How To Backup Windows Server 2012 R2 with Active Directory
RS Computer Solutions
1.1K
EASY! Command To Export Users From Active Directory Group To CSV Excel File
URTechDotCa
8.3K
How to Migrate a User Profile From Old Computer to New Computer
Britec09
60K
Domain to Domain Profile Migration Demonstration using User Profile Wizard Professional Edition
ForensiT Software
11K
How to Setup a Domain Trust [Forest Trust] - Between Two Domains on Windows Server
Tech With Emilio
32K
How to Join Windows Server 2019 to an existing Active Directory Domain
MSFT WebCast
130K
How to Migrate Certification Authority to Another Server
jusTech talk
10K
How Do I Get Rid of OneDrive?
Ask Leo!
238K
Migrate Server 2012 to 2022
TECH CONECT
12K
6- Windows Server 2022 Transferring FMSO Roles from one Domain Controller to another
Tech For All
9.8K
Java Project Tutorial - Make Login and Register Form Step by Step Using NetBeans And MySQL Database
1BestCsharp blog
17M
Note
Please note that this website is currently a work in progress! Lots of interesting data and statistics to come.