Domain Controller Cross Forest migration Part 1
In this series of articles I will demonstrate the Cross forest migration for Microsoft Windows Active directory 2012 R2.
Before starting any step, I will have to do a revision for the current environment and check what is there, what can be migrated and what can not be.
- Check if the environment is using an old cryptographic algorithms that's not supported during the migration .e.g. (SHA-1 1024bit Certification authorities).
- Notice that Group Policy user profile folder redirection might have a bug from SCCM. To fix this the SCCM needs to be checked for one option needs to be disabled
- Under the SCCM Configuration manager,
- Select Administration
- Select Client Settings
- Pull up PROPERTIES of Default Client Settings configuration and click on Compliance Settings
- Enable User Data and Profiles mentioned above is the setting which drives the control of Folder Redirection and Remote User Profiles.
The above configuration by Default is set to NO. Once enabled (set to YES), it passes the control of Folder Redirection, Offline Files, and Remote User Profiles to WMI and stores this configuration under the registry path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\UserState\UserStateTechnologies\ConfigurationControls
TCP/IP crashes and errors: Hotfix released to correct a crash in TCP/IP.
- Windows 2008 R2 DC on the destination forest.
- Windows 2012 R2 ADMT and SQL express 2008 R2 or 2012 R2 express or full.
1- Rights Management Services Analyzer Tool
RMS Analyzer provides the following features:
• Support for Azure RMS and AD RMS diagnostics
• Prerequisite checks for Azure RMS integration (such as any required hotfixes, registry key settings, Microsoft Online Sign-In Assistant)
• Ability to collect trace logs to capture real-time problems
• Diagnostics and remediation for Office 2013 and Office 2010
• Basic diagnostics for federation services
• Group membership check, based on groups and policy templates
• Display of your RMS configuration settings and verification tests to validate service health for RMS
• Ability to monitor multiple servers and find all RMS servers in trusted forests
By installing and using the software you accept the License terms which are located in the zip folder download. If you do not accept the terms, do not install or use the software.
2- Password Export Server (PES) – x64
3- Active Directory Migration Tool (ADMT) QFE – x86
I will publish the next parts as soon as I am done with them. stay tuned