Migrates computer accounts between Active Directory domains and forests.
The admt computer command-line tool is available in the Active Directory Migration Tool (ADMT). To run admt computer, at the command prompt, type admt computer with the appropriate parameters, and then press ENTER.
For examples of how to use this command, see Examples.
Syntax
admt computer /n "<ComputerName>"[ "<ComputerName2>"] /sd:<SourceDomain> /td:<TargetDomain>
Parameters
Parameter | Description | ||||
---|---|---|---|---|---|
/{n|includename} "<ComputerName>" ["<ComputerName2>"] |
Specifies a computer or a list of computers to migrate. You can specify the following value for this parameter:
|
||||
/{sd|sourcedomain}:"<SourceDomain>" |
Specifies the NetBIOS or Domain Name System (DNS) name of the source domain from which you want to migrate objects. |
||||
/{td:targetdomain}:"<TargetDomain>" |
Specifies the NetBIOS or DNS name of the target domain to which to migrate objects. |
||||
/{o|optionfile}:"<OptionFilename>" |
Specifies to use an options file. You can specify the following value for this parameter:
|
||||
/{if/intraforest}:{yes|no} |
Specifies whether the migration occurs within a single forest. You can specify the following values for this parameter:
|
||||
/{so|sourceou}:"<OUName>" |
Specifies the name of organizational unit (OU) in the source domain. You can specify this parameter only for Active Directory source domains. |
||||
/{to|targetou}:"<OUName>" |
Specifies the name of the OU in the target domain. This parameter is required for both interforest and intraforest migrations. |
||||
/{sdc|sourcedomaincontroller}:"<SourceDomainControllerName>" |
Specifies the NetBIOS or DNS name of the domain controller in the source domain to use for object migration.
|
||||
/{tdc|targetdomaincontroller}:"<TargetDomainControllerName>" |
Specifies the NetBIOS or DNS name of the domain controller in the target domain to use for object migration.
|
||||
/{pre|precheckonly}: {yes|no} |
Verifies that agent deployment succeeds before ADMT performs the migration. You can specify the following values for this parameter:
|
||||
/{tot|translationoption}: {replace|add|remove} |
Specifies how to migrate security identifiers (SIDs) between computers so that ADMT can perform security translation on a migrated computer. You can specify the following values for this parameter:
|
||||
/{tot|translationoption}: {replace|add|remove} |
Specifies how to migrate SIDs between computers so that ADMT can perform security translation on a migrated computer. You can specify the following values for this parameter:
|
||||
/{tff|translatefilesandfolders}: {yes|no} |
Specifies whether to update ACLs for files and folders during migration. You can specify the following values for this parameter:
|
||||
/{tlg|translatelocalgroups}: {yes|no} |
Specifies whether to update ACLs for local groups during migration. You can specify the following values for this parameter:
|
||||
/{tps|translateprinters}: {yes|no} |
Specifies whether to update ACLs for printer shares during migration. You can specify the following values for this parameter:
|
||||
/{trg|translateregistry}: {yes|no} |
Specifies whether to update ACLs for registry settings during migration. You can specify the following values for this parameter:
|
||||
/{tss|translateshares}: {yes|no} |
Specifies whether to update ACLs for shared resources during migration. You can specify the following values for this parameter:
|
||||
/{tup|translateuserprofiles}: {yes|no} |
Specifies whether to update ACLs for user profiles during migration. You can specify the following values for this parameter:
|
||||
/{tur|translateuserrights}: {yes|no} |
Specifies whether to update ACLs for user rights during migration. You can specify the following values for this parameter:
|
||||
/{co|conflictoptions}: {ignore|merge[+removeuserrights] [+removemembers]|[+movemergedaccounts]} |
Specifies an action for ADMT to take when it finds that an object name already exists in the target domain. You can specify the following values for this parameter:
|
||||
/{rdl|restartdelay}: <Minutes> |
Specifies the number of minutes that the computer waits before it restarts after the migration finishes. You can specify the following value for this parameter:
|
||||
/{cx|computerpropertiestoexclude}: {*|"<Property>"|"<Property1>"[, "<Property2>"]..."} |
Specifies the properties to exclude when ADMT migrates a computer. You can specify the following value for this parameter:
|
||||
/{prrtry|autoprecheckretry}: {yes|no} |
Specifies to retry the precheck operation to a remote computer automatically if the operation failed. You can specify the following values for this parameter:
|
||||
/{prrtryi|autoprecheckretryinterval}: <Minutes> |
Specifies the number of minutes between each precheck retry operation. You can specify the following value for this parameter:
ADMT uses this parameter only if the value of the /prrtry command is yes. |
||||
/{prrtryn|autoprecheckretrynumber}: <Number> |
Specifies the number of times to retry the precheck retry operation. You can specify the following value for this parameter:
ADMT uses this parameter only if the value of the /prrtry command is yes. |
||||
/{portry|autopostcheckretry}: {yes|no} |
Verifies that the computer has restarted and joined successfully to the new domain after the postcheck retry operation finishes successfully. You can specify the following values for this parameter:
|
||||
/{portryi|autopostcheckretryinterval}: <Minutes> |
Specifies the number of minutes between each postcheck retry operation. You can specify the following value for this parameter:
ADMT uses this parameter only if the value of the /portry command is yes. |
||||
/{portryn|autopostcheckretrynumber}: <Number> |
Specifies the number of times to retry the postcheck retry operation. You can specify the following value for this parameter:
ADMT uses this parameter only if the value of the /portry command is yes. |
||||
/{f|includefile}: <FileName> |
Specifies the name of a file that contains a list of computers to migrate. You can specify the following value for this parameter:
You can specify only one file with this parameter. |
||||
/{d|includedomain}: [recurse [+{<flatten>|maintain}]] |
Specifies an entire source domain or OU of accounts. You can specify the following values for this parameter:
|
||||
/{en|excludename} "<ComputerName>" ["<ComputerName2>"] |
Specifies computers to exclude from the migration. You can specify the following value for this parameter:
|
||||
/{ef|excludefile}: <FileName> |
Specifies the name of a file that contains the list of computers to exclude from the current migration operation. You can specify the following value for this parameter:
|
||||
[/{UALLMSA | UPDATEALLMANAGEDSERVICEACCOUNTS}:{YES | <NO>} |
Specifies whether all previously migrated managed service accounts will be reinstalled on the migrated computer and the Service Control Manager (SCM) will be subsequently updated. You can specify the following values for this parameter:
|
||||
[/{M | UPDATEMSANAME} “name 1” “name 2”…] |
Specifies a managed service account or a list of managed service accounts to be reinstalled on the migrated computer and whether the SCM will be subsequently updated. You can specify the following value for this parameter:
|
Remarks
In addition to the admt computer command-line tool, you can use the Computer Migration Wizard to migrate workstations and member servers from a source domain that you specify to a target domain that you specify. For more information, see Computer Migration Wizard.
Examples
The following example migrates a computer named WORKSTATION1 from the CONTOSO domain to the TREYRESEARCH domain.
admt computer /n "WORKSTATION1" /sd:CONTOSO /td:TREYRESEARCH
The following example migrates computers that use an include file that is located at C:\temp\MyListOfComputers.txt.
admt computer /o:C:\temp\MyListOfComputers.txt