Search /
Docfinder:
Advanced search  |  Help  |  Site map
RESEARCH CENTERS
SITE RESOURCES
Click for Layer 8! No, really, click NOW!
Networking for Small Business
TODAY'S NEWS
Apple tops the $100B+ tech club
How to get the IRS' attention: Forge nearly $8 million in tax returns, steal identities
How the Phoenix Suns basketball team takes on social media attacks
Microsoft details Windows 8 for ARM devices
Blogger exposes major Google Wallet security flaw
Web app lets enterprise set security, sharing for Google Apps users
Cloudscaling to offer OpenStack private cloud platform
Macs take on the enterprise
Valentine's Day Patch Tuesday: Microsoft to issue 9 patches, 4 critical
Mobile World Congress sneak peek: Quad-core smartphones, Ice Cream Sandwich & more
Microsoft details 'Windows on ARM' program
March debut of 'iPad 3' a sure bet, says analyst
Resume Makeover: How an Information Security Professional Can Target CSO Jobs
FBI unbolts Steve Jobs 1991 investigation file
/

Microsoft directory tool has limits

Today's breaking news
Send to a friendFeedback

By John Fontana
Network World, 03/20/00

Microsoft has released a promised directory migration tool, but large companies will need something extra to complete the move to Active Directory in Windows 2000.

The Active Directory Migration Tool (ADMT) is a wizard-driven tool that migrates users, groups and resources from Windows 3.51 and NT 4.0 to Active Directory. While Microsoft says the free tool will appeal to the majority of customers, the company defines those customers as having a small number of NT 4.0 domains and a simple network infrastructure.

Large enterprises have seen their NT 4.0 domains grow bloated and sloppy over the years, and will want to clean out the clutter in those domains and collapse them into fewer domains before migrating, experts say.

Those customers also are likely to migrate user data into Active Directory from other systems, such as human resources and payroll databases or other directories, and will want to create model environments to test their directory structures before going live. All those needs will require third-party tools from such vendors as Aelita, Entevo, FastLane and Mission Critical Software.

"ADMT is a bulk tool without a lot of controls," says a systems engineer with a multinational corporation who requested anonymity. "There is no way to do the testing and consolidation you need before migrating."

Others have turned to ADMT only after using other tools.

"I wrote my own tool to do modeling routines for the directory," says Eric Craig, network architect for Continental Airlines. "We then used ADMT and ClonePrincipal as we moved users and groups." ClonePrincipal is a feature of ADMT that allows NT 4.0's secure IDs, or SIDS, to be appended to user records in Active Directory so those users can still access resources in NT 4.0 domains that are active during a migration.

Microsoft makes no bones about the limitations of ADMT, although it contends it will fit the needs of 75% of users.

Some of the limitations of ADMT include the need to upgrade every NT 4.0 domain controller within an individual domain at once. Users must do that to support ClonePrincipal so they can maintain access to NT 4.0-based domains that have yet to be upgraded. Users also will have to migrate any applications in the upgraded domains to Win 2000. Users also can't do NT 4.0-to-NT 4.0 domain migrations as a way to restructure domains.

"ADMT assumes you will completely migrate to Win 2000," says Olivier Thierry, vice president of product management for Mission Critical, which licensed the base code for ADMT to Microsoft. "There is no content sanity-check before you migrate, you don't do anything intelligent with the data. Users will want to clean up their naming structures and orphan accounts before they move, not after."

RELATED LINKS


NWFusion offers more than 40 FREE technology-specific email newsletters in key network technology areas such as NSM, VPNs, Convergence, Security and more.
Click here to sign up!
New Event - WANs: Optimizing Your Network Now.
Hear from the experts about the innovations that are already starting to shake up the WAN world. Free Network World Technology Tour and Expo in Dallas, San Francisco, Washington DC, and New York.
Attend FREE
Your FREE Network World subscription will also include breaking news and information on wireless, storage, infrastructure, carriers and SPs, enterprise applications, videoconferencing, plus product reviews, technology insiders, management surveys and technology updates - GET IT NOW.