- You have completed an account domain migration from a migration workstation where you have installed the Active Directory Migration Tool (ADMT).
Note The migration workstation in this scenario is a master workstation.
- Your resource domain is across a wide area network (WAN) link, and you want to migrate this domain by using other workstations that are local to the resource domain.
During the security translation process, the ADMT references the database to determine the security principals that must be modified. It is a best practice to perform the migration from a single workstation where the Active Directory Migration Tool (ADMT) is installed so that the program can access the Protar.mdb database.
However, if you must perform the migration from alternative workstations, make sure that you copy the Protar.mdb database from the master migration workstation to the alternative workstations. Additionally, if you copy the Protar.mdb database from the master workstation to the alternative workstations, make sure that you first follow these steps:
- Make sure that both the source and the target computers are running ADMT version 2.
- Back up the existing Protar.mdb database on the target workstations before you copy the master database.
- Copy the Protar.mdb database from the installation folder of the ADMT tool on the master workstation to the installation folder of the ADMT tool on the target workstations.
The SID mapping file is a comma separated values (CSV)-formatted file. In the SID mapping file, specify first the source SID and then the target SID, separating each SID value by a comma. If the account domains are accessible, you can specify the source and the target account names and then separate them by a comma instead of specifying the source and the target SIDs. To specify the account names, use the following format:
- Connect to the Protar.mdb database, and then retrieve the recordset:Note "C:\Program Files\Active Directory Migration Tool\Protar.mdb" represents the default path of the Protar database, and “rs” is the recordset. Also, the ADMT installation path can be determined by querying the HKEY_LOCAL_MACHINE\Software\Microsoft\ADMT\Directory registry subkey.
Set objConnection = CreateObject("ADODB.Connection")
objConnection.Open "Provider=Microsoft.Jet.OLEDB.4.0;Data Source=C:\Program Files\Active Directory Migration Tool\Protar.mdb"
Set rs= CreateObject("ADODB.RecordSet")
Set rs = objConnection.Execute ("Select * FROM [MigratedObjects]")
- Create a new SID mapping file to write the contents of the recordset to:Note "Sidmapping.txt" is the file where the SID records will be written.
Set fso = CreateObject("Scripting.FileSystemObject")
Set fo = fso.OpenTextFile("sidMapping.txt", 2, True)
- Move through the recordset, and then write the source SID and the target SID to the SID mapping file:
Do while not rs.EOF
fo.write rs("SourceDomainSid") & "-" & rs("SourceRid") & "," & rs("TargetDomain") & "\" & rs("TargetSamName") & vbcrlf
Article ID: 835991 - Last Review: Mar 29, 2017 - Revision: 3