|
Another possible place where I may be messing up is for
my domain I have a domain policy that disables "Network Server Digitally sign
communications"
and disables "digitally encrypt secure data channels",
As I have many different clients on the network, NT Mac 2000 etc and I have
seems these digitally sign/ encrypt setting can block communications. As the
password migration requires encryption do I need to re-enable these
features"
Lloyd From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Lloyd Williams Sent: Friday, December 16, 2005 10:50 AM To: [email protected] Subject: RE: [ActiveDir] Interforest Password Migration Thanks for the reply. Yes this is the document that I am
using as my guide to do this.
The only part I am not sure about is the part that says the
"users must have administrator rights in both domains."
As far as I can see it is not possible to to add the Domain
Admin from one domain to the Domain Administrators group in the other
domain.
If you go into Active Directory Users and Computers to add
accounts to Domain Admins the only location you are given is that
domain.
So I am assuming that the necessary right come from
creating the trust relationship. When I created this I used the Domain wide
authentication option.
Can I assume that this gives Domain Admins in Domain1
appropriate rights to Domain 2
Thanks
Lloyd From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Almeida Pinto, Jorge de Sent: Friday, December 16, 2005 4:40 AM To: [email protected] Subject: RE: [ActiveDir] Interforest Password Migration Is everything configured as
mentioned in http://support.microsoft.com/kb/326480
Cheers,
Jorge From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Lloyd Williams Sent: Friday, December 16, 2005 01:58 To: [email protected] Subject: [ActiveDir] Interforest Password Migration I am using ADMT v3.0 to migrate users from one
2000/2003 forest to another 2003 forest. I have no trouble migrating users
however I cannot migrate passwords. I have the password migration service
installed on the PDC of the source domain. I have generated a key in the target
domain, then used it in the source domain during the installation of the
Password Migration Service. When I use ADMT to migrate the password I get
"unable to establish a session with the password export server. Access is
denied"
I have the password export service on the
source machine running as the administrator on
the target machine.
The trusts
seem to verify OK, anyone have any
idea?
Thanks
Lloyd This e-mail and any attachment is for authorised use by the intended recipient(s) only. It may contain proprietary material, confidential information and/or be subject to legal privilege. It should not be copied, disclosed to, retained or used by, any other party. If you are not an intended recipient then please promptly delete this e-mail and any attachment and all copies and inform the sender. Thank you. |
- [ActiveDir] Interforest Password Migration Lloyd Williams
- RE: [ActiveDir] Interforest Password Migratio... Brian Desmond
- RE: [ActiveDir] Interforest Password Migr... Lloyd Williams
- RE: [ActiveDir] Interforest Password Migratio... Almeida Pinto, Jorge de
- RE: [ActiveDir] Interforest Password Migratio... Lloyd Williams
- RE: [ActiveDir] Interforest Password Migratio... Lloyd Williams
- RE: [ActiveDir] Interforest Password Migratio... Almeida Pinto, Jorge de
- [ActiveDir] OS 10.4 and W23k Ad Za Vue
- Re: [ActiveDir] OS 10.4 and W23k Ad Kevin Gent
- Re: [ActiveDir] OS 10.4 and W23k Ad John Singler
- Re: [ActiveDir] Interforest Password Migr... Mylo
- RE: [ActiveDir] Interforest Password Migratio... Grillenmeier, Guido
- RE: [ActiveDir] Interforest Password Migratio... Grillenmeier, Guido
- RE: [ActiveDir] Interforest Password Migratio... Grillenmeier, Guido
