How Transfer All the OU, User and Computer Accounts from Window Server 2008 R2 to Windows Server 2012 Standard

windows-server-2008-r2 windows-server-2012 domain-controller
7,594

This is a very involved process depending on the number of users, computers, servers and services you have that interact with your current AD. You need to think about and look at -

  • Group Policies that are in place in the old domain
  • Logon Scripts if they are been used
  • Trusts between the 2 domains while you are migrating
  • Services that are AD integrated or use FQDNs for been accessed as these will change when you move domains
  • Migrating Groups to new domain then running Security Translations on servers in old domain to add those group (NewDomain\Group) to the servers. So when you close the old domain the groups still work.

That is just from the top of my head I am sure there is more you will need to do.

For your original question you can create a script to replicate the OU structure from your old domain (this is also a good opportunity to improve on that structure if you think it is incorrect). For user and computer objects you need to use ADMT to migrate there accounts. AD uses SIDs to identify each object and associate rights and profiles etc with that object. By using ADMT you will be able to migrate the users and computers to the new domain and retain the original SIDs, as well as the new one given out by your new domain. This way when they move to the new domain they will not lose access to file shares and services that are in there old world. The computers will need to be on the network when you use ADMT as it will connect to them translate there security from old domain to new domain and then move the computer. You will need a trust in place between the 2 domains for this to work at all.

If you are looking at a large number of users, computers and services I would hire in contractors to do this for you. It is not a quick process and is very involved.

Share:
7,594

Related videos on Youtube

Mark
Author by

Mark

I am a System Administrator

Updated on September 18, 2022

Comments

  • Mark
    Mark over 1 year

    I have a situation here that requires me to transfer all the OU, User and Computer Accounts to another domain, which is from Windows Server 2008 R2 to Windows Server 2012 Standard.

    How to do this kind of task? Thanks in advance and Have a good day ahead.

    • MikeAWood
      MikeAWood over 10 years
      You will probably get a few people that will chime in that you should hire a professional to do this. What you are asking to do isn't a simple checklist of things and the phrasing of your question suggests you aren't familiar with what you are asking about.
    • Mark
      Mark over 10 years
      @MikeAWOOD, Yes, I am not very much familiar with it, but, I tried some method like the LDIFDE export and import, but getting errors.
    • MikeAWood
      MikeAWood over 10 years
      I am not familiar with the tool you mentioned, but likely it is expecting to see everything be the same from one domain to the new one. If you changed anything (which is almost impossible NOT to do), it likely will give you issues. Are you creating a new domain or just trying to move one over to a new server?
    • Mark
      Mark over 10 years
      Yes, I am creating a new domain at the same time move the OUs, User and Computer Accounts in the new domain, which is from 2008 R2 to 2012 standard.
    • MikeAWood
      MikeAWood over 10 years
      What you are asking is likely beyond your skill level. I caution you to get a professional to help you. When setting up a domain, there are some choices and things to consider that will be set in stone. Simply put, don't do it alone. You cannot move computer accounts over. You will need to disjoin and rejoin the new domain, once done they will appear in AD. User Accounts and OU can be recreated, but it might be easier to script it in powershell with a script like this that imports from excel. (gallery.technet.microsoft.com/scriptcenter/…)
    • user596502
      user596502 over 10 years
      Why do you want to build a new AD domain? Is there something wrong with the one you have?
  • Mathias R. Jessen
    Mathias R. Jessen over 10 years
    SIDs are only used to indentify a specific subset objects in AD, namely Security Principals

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

Reuse old domain controller IP address
Windows Server 2003 R2 vs 2008 R2 vs 2012 as a file server
Can a GPO be exported from one server and imported into another?
Can I Upgrade Windows Server 2008r2 to Windows Server 8 (Server 2012)
Can Windows Server 2008 R2 / 2012 join a homegroup?
Does PulseAudio work on Windows just like on Linux?
DNS settings for domain controller with dual nics one facing internet directly and one to router
Server 2012 DC in VMWare virtual network (NAT) unable to connect to the internet
resolving a dns entry for a virtual machine from physical host
How to Prevent Server 2012 Essentials from Shutting Down Due to Not Being FSMO