Migration Tools: CopyOUStructure and user objects

6 Dec

CopyOUStructure is a command-line solution to aid cross-forest migration scenarios.

Most cross-forest migration projects happen under heavy time pressure. The structure of organizational units within the common target forest is in most cases no subject to change, as the current structure shall be kept from the source. The redesign of the OU structure is in most cases part of a later project, as it should not have any impact with the migration itself, and would only increase the budget and lenght in time of the migration project.

The effect will carry out the most when using ADMT: It is only able to migrate all user-objects in one target OU or to clone source OUs with users direct to the target root. But in most cases you will want to replicate the source OU-structure into on sub-OU on the target. There is  a possibility to copy a whole OU-structure, but only at top-level, which is desaterous when planning a company-merge.

We also need to replicate the source OU-structure to be able to migrate the GPOs of the source and link them corresponding to the source domain. Groups on the other hand are not in the scope of this tool, as for a membership it does not matter where the group physically exists.

As our consulting is involved in many migration projects, we developed this tool to aid the projects.

We also decided that we want to provide this tool without any cost:

Download free full-version

 Just replicating the OU-Structure will not do the whole job. If you would only like that (so not moving the migrated users to the corresponding OU) you might find these links helpful:

 Starting Point

In the following example we have two Companys (CompanyA and CompanyB) sharing the same forestname. For different reasons they want to merge CompanyB into CompanyA.

The Structure of CompanyA will stay untouched. The OU-Structure of CompanyB will be replicated into one top-level OU in CompanyA. Using ADMT, the Active Directory Objects of CompanyB will be migrating into this OU. Once all objects are successfully migrated, they shall be moved into the OU corresponding to their Parent-OU of their source domain. To aid understanding of this structure, please see the picture at the end of this article.

The Tool

To prevent the administrators from manually moving the user objects into their new OU (Corresponing to their source-OU), we developed the tool CopyOUStructure:

 Syntax: 
CopyOUStructure <Source-OU-DN>, <Target-OU-DN>
Example:
CopyOUStructure "OU=Top One,DC=companyB,DC=com", "ou=FromcompanyB,DC=CompanyA,DC=com"

Please Note: Both DN-Parameters are case sensitive. When you enter the DNs mismatching the case the tool will correct that automatically.

You can also run the tool multiple times, e.g. while testing or migrating only some users at a time.

Prerequisities

The account executing the tool will need read-permissions on the source domain and modify permissions on the targeted OU. Also the domains need to have a fully functioning trust between them.

Also the migrated users need all to be placed in the OU of the target-ou parameter.

Process

The Tool will start with searching all users in and under the given source-ou parameter. Next it will create all needed OUs in the target-ous. Please note that empty OUs will not be replicated.

In the next step, the tool will move all objects that are found both in source and target to their corresponding OU in ther target structure.

The tool will give you logging via console output, so you might want to pipe the output into a text file using „>> %pathoftextfile%“. 

Download free full-version

Vorschaubild für CopyOUStructure.PNG

 

Leave a Reply

Your email address will not be published. Required fields are marked *