• Questions: Trust and Domain Local group with respect to access token

    Hello IT Engineers,

    Scenario 1: A trust relationship is a link that is established between domains to enable users in one domain to be authenticated by a domain controller in the other domain. Trust relationships are authentication pipelines that must…

  • Migrating domain local groups

    Hi IT Engineers,

    How to migrate source domain local groups that have members from external domain? External domain don't belong to domains pair of migration. So does MMAD can also migrate source domain local group to domain local group in target domain…

  • trust, sidhistory and workstation related questions

    Hi,

    As per discussions in earlier post, workstation criteria matters in authentication as long as there is trust from source domain to target domain and target user want to login on source domain joined workstation. However, with same trust direction…

  • Security Descriptors Processing by ADPW

    Hi IT Consultants,

    I was reading MMAD user guide. I have few questions regarding Security Descriptor migration by ADPW. As per user guide,

    Security Descriptor migration rule—Select the way security descriptors of the matched source and target  objects will b…

  • Suggestion required

    Hi Guys,

    How do I acquire advanced knowledge of Active Directory. Please let me know what is the best way to be proficient in advanced AD knowledge and to have deep understanding. If possible, please share web link of reference materials or suggest name…

  • Processing by RUM and ADPW

    Hello IT Consultants,

    Greetings of the day!

    I have questions and confusion regarding Quest Migration tools RUM and ADPW. Hope you guys will explain this.

    Processing by RUM and ADPW. Let me explain what I meant to say.

    Q1: Resources e.g. File/Folder/Share…

  • Changing Scope of Domain Local Group during Migration

    Hello Tech Guys,

    Here is the scenario:

    Source Domain Local Group is entered in the ACL of the resource and resource is on Source Domain server. Source Domain Local Group has been migrated to Target Domain with sidhistory and during migration group scope…

  • ADPW usage question

    Hello Support Team,

    I've general question related to usage of ADPW tool. 

    Question: If resource is secured with Source Domain Local groups only && Resource Server (Source domain) has been moved to Target domain, then do I still need to process…

  • Domain Migration: “Access Denied“ after Changing Group Type and resource access

    Hello

    Q1: As per https://activedirectoryfaq.com/2016/09/domain-migration-access-denied-group-type-change/ it says to keep authorization group "domain local" in source environment.  Then the types would be identic on both domains. So…

  • Behavior of Sid and Sidhistory

    Hello,

    I;ve general question regarding Sid and Sidhistory. Excuse me for little knowledge.

    Under what scenarios/situations, Sid or Sidhistory will be filtered out from the access token while accessing resources across the trust in another domain or forest…

  • Resource Processing Query

    Hello,

    Only users and groups migrated with sidhistory from source domain to target domain in Inter-Forest migration. However, resources are still in source domain. So after migration, do I still need to Re-ACL of all source domain resources meaning append…

  • How access is granted by source domain local group in target domain resource permission ACL (via migrated group membership or via sidhistory or both) and how exactly access check is performed?

    Hello,

    I've source domain local group applied on resource ACL. Resource have been migrated to target domain server along with ACL permissions as-is. Source domain local group have also been migrated to target domain using sidhistory and scope has been…

  • Active Directory Processing

    Hello,

    Greetings of the day! Hope you guys are doing well.

     

    As per resource processing guide in Active Directory Processing, it says Add target users to source groups. This is the most common operation for ADPW. 

     Q1. I need to know what are the circumstances…

  • ADPW - Operations and tasks

    Hello,

    I want to understand what are the common operations and tasks of ADPW tool.

    Q1- How do I determine whether I need to run this tool or not?

    Q2- Do I need to run this tool against source domain or target domain inter-forest migration project?

    Q3…

  • Resource process - Append or Replace

    Hello,

    What  are the criteria of Append and Replace while resource process? I mean how do I know whether I have to do Append or Replace in resource process. Is there a way to determine this? What are those rules for Append and Replace?

    For example: Security…

  • Resource Access - Sid vs Sid History vs group membership vs all

    Hello,

    This sounds very basic question. Excuse me for my little knowledge.

    However, I still need to fully understand how access is granted on resource (source domain / target domain) to any user (migrated with or without Sid History / newly created in…

  • Resource Processing

    Hello,

    Post inter-forest migration, source user objects migrated in target domain along with sidhistory and those source user objects were deleted. Source group objects were copied in target domain along with sidhistory. Most of the resource have been…

  • Foreign Security Principal Objects belongs to Local Internal Domain accounts instead of trusted external domain accounts

    In my AD environment, there are lot of FSP objects belong to local Internal domain accounts instead of trusted external domain accounts showing under Foreign Security Principals container. I mean SID value of FSP objects (showing under Name column in…

  • QMM for AD, passwords do not synchronize from destination to source, only from source to destination?

    Any idea why this happens? I have two domains, one source and destination, the synchronization of passwords in both directions was working, we even started the migration process and it is not possible to synchronize keys from destination to source. We…

  • QMM for AD, passwords do not synchronize from destination to source, only from source to destination? 

    Any idea why this happens? I have two domains, one source and destination, the synchronization of passwords in both directions was working, we even started the migration process and it is not possible to synchronize keys from destination to source.
We…

  • Way to process and migrate without access to the RUM console

    The only way I've ever migrated machines to a new domain was with full domain admin rights via the RUM console.  Is there a way to build an "offline package" from within the console, that would allow other people (who can't have console access or domain…

  • Same name domain migration issue

    Hello All, 

    I have a question about migration. 

    A company wants to shift to an another building. They also want to  create a new domain with the same name as old one and migrate data from old domain to the new domain.

    How does it possible to migrate with…

  • Hoy sync Exchange attributes with Migration Manager for AD?

    I only have Migration Manager for Active Directory, and need sync attributes like proxyaddreses or extendedAttributes, i don't have Migration Manager for Exchange because the Mailbox aren't local, but use Office 365 with AD Connect.

    I saw an xml…

  • Same suffix upn between two forests

    Hello,

    I have a problem with our migration project.

    We have two forests :

    Domain source : domainA.com   suffix upn toto.com

    Domaine target : domaineB.local suffix upn toto.com

    Is it possible to create Forest Trust between those domains event with conflict…

  • Map SIDs Using Quest Migration Manager for AD map file

    Hello All,

    I am working through a no trust migration between to healthcare companies with QMM for AD 8.14. We have successfully migrated users and workstations. Now we are attempting to use the SecureCopy option "Map SIDs Using Quest Migration Manager…