For the best web experience, please use IE11+, Chrome, Firefox, or Safari

What is Active Directory Migration?

Learn what Active Directory migration is and how it works.

Often, an IT migration is essentially an upgrade — a move to a newer version of a product. For example, you might have migrated your home PC from Windows 7 or 8 to Windows 10, or upgraded to the newest version of your favorite applications to get the latest and greatest features.

Active Directory migrations are different and more complex undertakings with many moving parts and far-reaching consequences. Despite the complexity it’s important to undertake AD migrations for the same reasons you upgrade your own OS and applications: to get new features and functionality, and because Microsoft, like every vendor, eventually stops supporting older versions of its products, leaving organizations that use the outdated software at increased risk of downtime, security issues and compliance failures.

Active Directory migration explained

What is Active Directory Migration?

What is Active Directory Migration?

To understand why AD migrations are more complex than other software or hardware upgrades it’s important to understand that Active Directory is not a standalone product. Rather, its core service, AD DS, is included in the Windows Server operating system. Therefore, you don’t migrate AD directly; rather, by upgrading Window Server on your domain controllers, you’re migrating Active Directory.

“Active Directory” refers not just to the code that Microsoft delivers as part of Window Server, but the complex ecosystem that organizations have built using it. Often, they have created thousands or even hundreds of thousands of AD objects, each with a complex set of attributes. They have lovingly crafted and honed their Group Policy to control what users and computers can and cannot do. They have established their forests, trees and domains, and fine-tuned their AD security groups and OUs. As a result, an Active Directory migration is a complex undertaking with many moving parts and far-reaching consequences.

What are AD consolidation and restructuring?

What are AD consolidation and restructuring?

When you set up your Active Directory, you made some important decisions about its structure. Some of them, like what security groups and OUs to have, are fairly easy to change over time as your business requirements evolve, but others — such as what domains you have, the domain names you’re using and what your directory schema looks like — are less easy to modify on the fly because they affect the very foundation of your directory. Instead, you need to carefully plan out your changes and implement them carefully as part of a consolidation or restructuring project.

Over time, organizations can find that their original AD design simply hasn’t worked out well, or that the environment has become disorganized and hard to manage. They might need to move objects from one domain to a different target domain in the same AD forest, or undertake more serious repairs and renovations. Similarly, organic growth of the organization can require an Active Directory restructure or redesign. Major changes to the business, such as a merger, acquisition or divestiture, are also common drivers for an Active Directory consolidation or restructuring.

How do AD migrations, consolidations and restructuring fit together?

How do AD migrations, consolidations and restructuring fit together?

While it’s possible to do any one of these projects without the others, the reality is that they’re all about taking your Active Directory from point A to point B. That’s a big job, so it makes sense to get the point B that you truly want by combining the Active Directory migration, consolidation and restructuring efforts into a single project.

In other words, if you’re looking to get the new AD features and support offered by the latest version of Windows Server, it’s smart to seize the opportunity to also clean up, consolidate and restructure your AD while you’re at it. Similarly, if you’re putting in the effort to consolidate or restructure your Active Directory, you might as well migrate to the latest version of Windows Server and get all the benefits that entails as well.

What’s involved in an AD migration project?

What’s involved in an AD migration project?

Completing your Active Directory migration correctly and on schedule is essential for user productivity, business continuity and security — but migrations are notoriously complex and risky projects. The first step is careful planning: You need to know exactly what point A (your current environment) and point B (your desired environment) look like, lay out your procedures for getting there, and test your plan thoroughly to work out any issues or oversights.

Then you need to clean up your current AD as much as possible by right-sizing permissions, purging inactive accounts and so forth. You also need to tease out constraints about scheduling and priorities, and get buy-in from all stakeholders. And you should make sure you have a current backup, rollback capabilities and a recovery plan in case you run into problems during the migration process.

Only then should you even think about running any actual migration jobs. If possible, start with a test environment that mirrors your production environment as closely as possible, and then move on to pilot tests in the production environment. Since migrations take time, be sure you have a coexistence strategy that enables users to remain productive no matter which accounts and resources have been migrated and which have not.

Using an Active Directory migration tool

An Active Directory migration solution is essential to ensuring a successful migration project — one that is accurate and secure, seamless for the business and completed on schedule. Choosing the right Active Directory migration solution and an experienced partner can dramatically simplify the work and minimize the risk involved in your AD migration, consolidation or restructuring project.

With Migration Manager for Active Directory and Secure Copy, you can develop a comprehensive plan and execute a successful Active Directory migration, consolidation and restructuring project — on time and on budget, while ensuring that users maintain secure access to workstations, resources and email throughout the entire project.

Plan your migration
Develop a comprehensive plan and prepare by staging users, scheduling workstation moves and updating permissions.
Test your plan
Mirror your production AD environment to a test environment to test the live impact of your planned migration processes.
Migrate with zero impact on users

Migrate, consolidate and restructure your AD during business hours with no adverse effect on user productivity.

Move all types of objects

Move users, their attributes, groups, computers printers, directory permissions and more.

Avoid user frustrutation
Maintain seamless user access to all network resources throughout the project.
Automate updates
Save time and reduce risk by automatically updating permissions and resources, including AD, SharePoint, Exchange, IIS, and more.
Complete the project quickly

Automate your migration and enable parallel processing to shorten your migration timeline.

Migrate with confidence
Confidently manage your migration with confidence through a robust project management interface.

Of course, any migration or consolidation project still involves risk. So look for a vendor that offers world-class assistance to avoid pitfalls and streamline the migration process and ensure success.

Where can I get help with my AD environment?

Where can I get help with my AD environment?

Quest is the go-to vendor for Active Directory solutions. We can help you manage, secure, migrate and report on your AD environment to drive your business forward. Here’s where you can learn more:

Resources

Common IT Pitfalls of Mergers and Acquisitions
Common IT Pitfalls of Mergers and Acquisitions

02:19

Video
Common IT Pitfalls of Mergers and Acquisitions
Don't let the rush to Legal Day 1 derail your IT integration. Watch this video to learn about several IT security pitfalls to avoid during the complexity of your M&A. Visit our Mergers & Acquisitions solutions page to learn more.
Watch Video
IT Integration Best Practices in Mergers & Acquisitions (M&A)
White Paper
IT Integration Best Practices in Mergers & Acquisitions (M&A)
IT Integration Best Practices in Mergers & Acquisitions (M&A)
Merger and acquisition (M&A) activity, which can help organizations expand their customer base, diversify their products and services and acquire new technology to stay competitive, all begin with IT integration. However, many IT teams face special challenges in achieving the technology integration
Read White Paper
M&A IT Integration Checklist: Active Directory
Technical Brief
M&A IT Integration Checklist: Active Directory
M&A IT Integration Checklist: Active Directory
If your organization is involved in a merger and acquisition, the impending IT integration project might seem overwhelming. But it needn’t be. In fact, the project can be the perfect opportunity to clean up, consolidate and modernize your Microsoft IT infrastructure to meet the business requir
Read Technical Brief
Privileged perspective: Understanding the risk of legacy AD architecture
White Paper
Privileged perspective: Understanding the risk of legacy AD architecture
Privileged perspective: Understanding the risk of legacy AD architecture
In this informative white paper, Quest service partner XMS Solutions dives into the risks associated with legacy AD architectures as well as how to avoid them.
Read White Paper
Active Directory Migration: Seven Lessons Learned
E-book
Active Directory Migration: Seven Lessons Learned
Active Directory Migration: Seven Lessons Learned
We asked our AD migration customers to share what they learned through their own migration experiences. Read the top 7 lessons to help plan your own migration.
Read E-book
Active Directory Migration Solutions Comparison: Quest vs. Native Tools
Technical Brief
Active Directory Migration Solutions Comparison: Quest  vs. Native Tools
Active Directory Migration Solutions Comparison: Quest vs. Native Tools
This document compares Quest Migration Manager for Active Directory (MMAD) version 8.14 to the Microsoft Active Directory Migration Tool (ADMT) 3.2 February 2018 release.
Read Technical Brief
Customers are talking about Migration Manager for Active Directory
E-book
Customers are talking about Migration Manager for Active Directory
Customers are talking about Migration Manager for Active Directory
Customers share their experiences with Migration Manager for Active Directory
Read E-book

Videos

Dive into Active Directory
Dive into Active Directory

02:25

Video
Dive into Active Directory
Learn why Active Directory is at the heart of everything you do in the workplace.
Watch Video
Why IT integration is critical to M&A success
Why IT integration is critical to M&A success

02:11

Video
Why IT integration is critical to M&A success
A successful M&A starts with IT integration that delivers on executive expectations of cost synergies. Learn more in this short video.
Watch Video
 Avoid these IT integration failures in your M&A
Avoid these IT integration failures in your M&A

02:27

Video
Avoid these IT integration failures in your M&A
Hear tips to help establish a repeatable M&A framework to ensure the success of your next M&A process.
Watch Video
Improve AD Security to Protect Your Resources
Improve AD Security to Protect Your Resources

02:23

Video
Improve AD Security to Protect Your Resources
Active Directory and Azure Active Directory are at the core of your organization's security allowing employees, partners, customers and devices to authenticate to a network to access resources. Targeting these AD credentials for access to these company resources are cyber criminals. Uncover how to improve your AD security to prevent unauthorized access using Quest's Microsoft platform migration, security and management tools.
Watch Video
TEC TALK - Office 365 & Azure Active Directory Security | Quest
TEC TALK - Office 365 & Azure Active Directory Security | Quest

01:03:26

Video
TEC TALK - Office 365 & Azure Active Directory Security | Quest

Learn how to prioritize Office 365 & Azure AD security for your remote workforce in this TEC Talk presented by Microsoft Certified Master, Sean Metcalf.

Watch Video
TEC Talk: Hardening Privileged Access
TEC Talk: Hardening Privileged Access

01:06:36

Video
TEC Talk: Hardening Privileged Access
Learn steps you can take to secure privileged Active Directory access.
Watch Video
Plan Ahead to Avoid AD Disaster
Plan Ahead to Avoid AD Disaster

02:10

Video
Plan Ahead to Avoid AD Disaster
Recovery plans and backups will help companies avoid AD disaster.
Watch Video
How to reduce AD security risks and insider threats
How to reduce AD security risks and insider threats

01:32

Video
How to reduce AD security risks and insider threats

Hank the Hacker is back and he's ready to attack your Active Directory (AD) environment, whether on-premises or in the cloud. Worse yet, this time he brought friends. With Disgruntled Dan and Careless Craig, he has even more leverage to take control. That's why it's so important to get protected.

Read this informative e-book, Nine Best Practices for AD Security, and discover what you can do to protect your environment from insider threats. Explore:

  • Why attackers target AD and how the growing popularity of Office 365 increases the threat
  • What an AD security breach means to the organization
  • Why it is difficult to secure Active Directory using native auditing alone
  • How a typical insider threat unfolds and how to identify common insider threat indicators
  • How following nine critical security best practices will help you minimize the risk of the internal threats to the availability, confidentiality and integrity of your AD

Watch Video

Blogs

Quest Active Directory Security Assessments Reveal Top 4 Issues: #1 Service Accounts (Part 1 of 3)

Quest Active Directory Security Assessments Reveal Top 4 Issues: #1 Service Accounts (Part 1 of 3)

In Part 1 of our Quest Security Assessment series, we focus on the top vulnerabilities we have discovered in Active Directory: Service Accounts.

How to Continue Your AD Migration When Everyone is at Home

How to Continue Your AD Migration When Everyone is at Home

Some AD Migrations must continue, even in this health crisis. This post outlines how you can move your migration forward even with a remote workforce.

In the Fog of War, You Need Options…Not Just One but Many! Quest Has You Covered.

In the Fog of War, You Need Options…Not Just One but Many! Quest Has You Covered.

When it comes to disaster recovery, you need a solution that fits your situation. Find out how Recovery Manager for Active Directory delivers both power & flexibility.

Insider’s Guide to a Malware Event — In Case of Fire, Break Glass

Insider’s Guide to a Malware Event — In Case of Fire, Break Glass

Malware can spread at an alarming rate. To protect your organization from these attacks, having a comprehensive, flexible disaster recovery plan is essential. Learn more.

Be Very Afraid — When It Comes to AD Disaster Recovery, You Need Choices!

Be Very Afraid — When It Comes to AD Disaster Recovery, You Need Choices!

Learn about the true danger of malware attacks, why a solid disaster recovery plan is essential, and how to do AD recovery right the first time.

The Many Colors of AD Security – Microsoft Red Forest, Orange Forest, Greenfield or Blue?

The Many Colors of AD Security – Microsoft Red Forest, Orange Forest, Greenfield or Blue?

Discover the different models of Active Directory (AD) security, including the Red and Orange Forest models, Greenfield migrations, and Blue Team.

Get started now

Your go-to vendor for AD migrations, restructuring and consolidations.