Friends don't let friends migrate Active Directory alone

Even with the right vendor tools, domain renaming is fraught with gotchas. Turn to the IT community for help getting the job done

1 2 Page 2
Page 2 of 2

During my deployment, the password tool wouldn't install on the source server at one point, telling me the passwords didn't match for the key file I created. I knew the passwords in fact matched. A quick search led me to Exchange MVP Clint Boessen's site, which explained the problem and gave a one-second solution.

I was almost done; all groups and user accounts were migrated. Then I did something stupid: I had only one member server to migrate, and I decided to change the name of the server before the migration. I didn't think doing so would break anything, but when I went to log back in after the rename, I got an ominous message: "The security database on the server does not have a computer account for this workstation trust relationship." Uh oh!

A quick search for that error yielded some advice but nothing that helped me because I couldn't even log into the system. Once again, the online community came to my aid, thanks to Curtis Salina, who had the exact fix I needed, one that would have taken hours of tinkering to stumble on myself.

I thought I had it all worked out, so I went to migrate the last piece of the puzzle: the member server itself (now that I could log in). It failed -- and I had no idea why. ADMT reported, "Completed with Errors" but didn't identify the error. I checked logs but found nothing. Another quick search led me to a helpful migration checklist by MVP Santhosh Sivarajan that recommended restarting the computer before migration to ensure the profiles are not locked. I didn't think that was my issue, but I gave it a shot, redid the migration, and, voilà! it worked.

Did I perform an Active Directory migration using ADMT 3.2? Technically I did, but not without the help of the IT community whose members took the time to put their own experiences and knowledge out there for others to use -- free of charge. (I've contacted each person who helped to say thanks.)

Keep the community in mind the next time you are in a jam and can't find the answer from the vendor's documentation or website. And if you find the answer from people who took the time to share what they learned, don't forget to drop them a line or toss a note in the comments section thanking them for their help. Also, consider sharing what you've learned as well, such as through your own blog. Pay it forward.

This story, "Friends don't let friends migrate Active Directory alone," was originally published at Read more of J. Peter Bruzzese's Enterprise Windows blog and follow the latest developments in Windows at For the latest business technology news, follow on Twitter.

Copyright © 2014 IDG Communications, Inc.

1 2 Page 2
Page 2 of 2
How to choose a low-code development platform