Migration - Things to Consider
Here are a
few points which you can consider while doing computer migration.
These points are applicable to all migrations irrespective of the
migration tool (ADMT, NetIQ, Quest etc).
Here is a high
level flow chart that describes the computer migration process:
Access (PreMig1 Script) – Ensure that you can access
Admin$ or C$ on the workstation using your migration service account.
You can use the following script to test the Admin$ permission:
(part of PreMig1 Script)– Make sure you can ping
the workstation from the migration console/server. But keep in mind
that, if ICMP is disabled on your network, you won’t be able
to ping the workstation. Also, I have seen in many cases that Ping
is resolving to an incorrect IP address, which can be due to a bad
WINS server or bad name resolution.
the Computer before Migration (PreMig2 Script): It is recommended
to restart the workstation before the migration. This will ensure
that the profiles are not locked or users are not logged onto their
You can use
the following script to restart the workstations:
FOR /f %%i in (S:\MigTools\Computers.txt) do (
Shutdown /f /r /t 15 /m \\%%i)
and FQDN Name Resolution – The workstation should
have proper DNS and WINS configuration. I would recommend implementing
DNS Suffix Search Order List with all domain names before the migration.
Here are some
good reference articles:
Admin Access – Most of the migration tools requires
Local Admin privilege on the workstation. If you don’t have
local admin privilege, you can either use Restricted Group GPO :
Or you can use
the ADMT permission details on the following blogs:
Registry Key Service – The remote registry service
has to be running. You need to enable this service if you are changing
the domain membership. You can use the following procedure to enable
the service remotely:
Service - The Server service must be running. You can use
above script to enable this service remotely.
Service - The Workstation service must be running. You
can use above script to enable this service remotely.
Service - The Netlogon service must be running. You can
use above script to enable this service remotely.
and Print Service – The File and Print service should
be enabled on the TCP/IP properties on the workstation.
– If possible, disable the firewall service during
the migration. Otherwise you need to create a firewall exception
or Multiple NICs – If multiple NICs are enabled on
the workstation, disable the second NIC or Wireless connection prior
to the migration. Here is a related issue:
Management - Disable the Power Management feature during
the migration. This will ensure the power management is not going
to shutdown the computer during the migration.
Default Domain Membership (PostMig1 Script)– Even
if you select to change the default domain name to the target Domain
name, sometimes it won’t update the workstation with this
information. I have seen this issue with almost all migration tools.
So I recommend running the following script after the computer migration:
Profile Migration: After the resource update and re-ACL
process some users might lose their local workstation profile (user
might get a new profile). It might be due to profile corruption,
locked profile etc etc. So if you run into a workstation profile
issue, you can use the following workaround to reassign the old
profile back to the migrated user:
You can see
more sample scripts on the following website:
Articles and Blogs...
Directory Migration Using ADMT 3.1
Service Account - Permission and Configuration
Filtering – Access is denied