Posted in Active Directory, Migration, Windows

PASSWORD MIGRATION USING ADMT

Posted on by Akhil

Prerequisites:

SOURCE DOMAIN (sd.com)TARGET DOMAIN (td.com)
Domain controller (S-DC)Domain controller (T-DC)
ADMT-Server (T-ADMT)
Two-way trust b\w domainsTwo-way trust b\w domains

Procedure:

Step 1 :

  • Download both sql server and ADMT tool in the ADMT-Server (T-ADMT).
  • Install sql server by following default onscreen commands on ADMT-Server (T-ADMT).
  • Install ADMT tool in the server mentioning the previously installed sql instance.
  • Create encryption key on the ADMT-Server (T-ADMT) using following command in the command prompt.
admt key /option:create /sourcedomain:source.local /keyfile:"c:\KEY.pes" /keypassword:*
  • The source domain and the key password need to be changed as per the requirement as shown below.
  • Copy the created key to the source domain controller (S-DC).

Step 2 :

  • Download and install PES (Password export server) onto the source domain controller (S-DC).
  • Choose the key that is created in the previous step, when it is required during the installation.
  • Enter the given password for the confirmation and to install.
  • Choose Log on as and enter the user credentials of Source Domain Administrator or Target Domain Administrator as shown below and restart the server (S-DC).
  • Start the password export server service manually in the services of source domain controller (S-DC)

Step 3 :

  • Add the target domain administrator (TD\Azureuser) in the Administrators (built-in) group of source domain (sd.com)
  • Similarly add source domain administrator (SD\Azureuser) in the Administrators (built-in) group of target domain (td.com)

Step 4 :

  • Open the ADMT tool in the target ADMT-Server (T-ADMT) and run the ADMT tool.
  • Right-click on the Active Directory Migration tool > User Account Migration Wizard > define the source and target domain details as shown.
  • Select users from domain > Add > type the user name > select the users > next > select the target OU > migrate passwords > target same as source > follow the onscreen commands with the required properties to complete the migration of users along with their passwords.
  • Migration process status will be changed to completed with no errors as the following.
Unknown's avatar

Author:

I'm currently working as a cloud migration consultant in Deloitte. My days are primarily spent on cloud with a high focus on migrations and gcp management. On my downtime I prefer to be a 3d designer.

2 thoughts on “PASSWORD MIGRATION USING ADMT

Leave a reply to Akhil Cancel reply