Migrate Domain Local Groups
Applies To: Windows Server 2008, Windows Server 2008 R2, Windows Server 2012, Windows Server 2012 R2
Applies to: Active Directory Migration Tool 3.2 (ADMT 3.2)
Migrate the domain local groups that exist in the Active Directory domain. You can migrate domain local groups by using the Active Directory Migration Tool (ADMT) snap-in, the ADMT command-line option, or a script.
To migrate domain local groups by using the ADMT snap-in
On the computer in the target domain on which ADMT is installed, log on by using the ADMT account migration account.
Use the Group Account Migration Wizard by following the steps in the following table.
Wizard page Action Domain Selection
Under Source, in the Domain drop-down list, type or select the NetBIOS or Domain Name System (DNS) name of the source domain. In the Domain controller drop-down list, type or select the name of the domain controller, or select Any domain controller.
When you perform an intraforest migration, the domain controller that holds the relative ID (RID) operations master (also known as flexible single master operations or FSMO) role is always used as the source domain controller, regardless of your selection.
Under Target, in the Domain drop-down list, type or select the NetBIOS or DNS name of the target domain. In the Domain controller drop-down list, type or select the name of the domain controller, or select Any domain controller, and then click Next.
Group Selection
Click Select groups from domain, and then click Next. On the Group Selection page, click Add to select the groups in the source domain that you want to migrate, click OK, and then click Next.
Or
Click Read objects from an include file, and then click Next. Type the location of the include file, and then click Next.
Organizational Unit Selection
Type the name of the organizational unit (OU), or click Browse.
In Browse for Container, locate the OU in the target domain to which the domain local groups are migrating, and then click OK.
Group Options
The Migrate Group SIDs to target domain and Fix Group Membership check boxes are selected and appear dimmed.
Ensure that no other options are selected.
Naming Conflicts
Click Ignore conflicting accounts and don’t migrate.
To migrate domain local groups by using the ADMT command-line option
On the computer in the target domain on which ADMT is installed, log on by using the ADMT account migration account.
At a command line, type the
ADMT Groupcommand with the appropriate parameters, and then press ENTER:ADMT GROUP /N "<group_name1>" "<group_name2>" /IF:YES /SD:" <source_domain>" /TD:" <target_domain>" /TO:" <target_OU>"As an alternative, you can include parameters in an option file that is specified at the command line, as follows:
ADMT GROUP /N "<group_name1>" "<group_name2>" /O: "<option_file>.txt"The following table lists the parameters that are required for migrating domain local groups, the command-line parameters, and option file equivalents. For a complete list of all available parameters, see ADMT v3.1 Help.
Parameters Command-line syntax Option file syntax Intra-forest
/IF:YESIntraForest=YES<Target domain>
/TD:"target_domain"TargetDomain="target_domain"<Target OU> location
/TO:"target_OU"TargetOU="target_OU"Conflict management
/CO:IGNORE(default)ConflictOptions=IGNOREReview the results that are displayed on the screen for any errors.
Open Active Directory Users and Computers, and then locate the target domain OU. Verify that the domain local groups exist in the target domain OU.
To migrate domain local groups by using a script
- Use a script that incorporates ADMT commands and options for migrating domain local groups. You can use the same script that you used to migrate universal groups. For more information about migrating universal groups, see Migrate Universal Groups, earlier in this guide.