Our Active Directory account migration process was fully automated and it was the user who starts his/her migration not us.Therefore to use a fixed name for the PDC role Domain Controller was not acceptable. Our source environment has 100+ domain controllers and the PDC role is siwtched from one DC to another DC under certain conditions. We wanted to make sure that we really used the Domain Controller with the PDC Emulator role from source domain.
#Sapien powershell studio password safe code#
However, 2 main restrictions prevented us from using this code as is: I will write about the whole mechanism of how we automated our large scale Active Directory migration in another blog post, but will concentrate here to share our way of managing the sidHistory part.Īs you know already from part 2 of this blog post, we were buidling our code on the examples that MSFT Jiri Formacek published here. We are running it on multiple migration servers around the globe as scheduled task – which you can easily call a “service” as it is running every 5 minutes.
Our self made scripting routine to migrate/write sidHistory into the target accounts turned out to be a robust, reliable part of the process and I feel safe now to share some experiences.
In our large scale Active Directory Cross Forest migration project, we now have migrated already 40.000 user accounts globally.
0 kommentar(er)
