Here is an example of a script that will allow you to add the SID History attribute to accounts that already exist in the Windows 2000 domain but were not migrated using NetIQ's Domain Migration Administrator. The pre-process script is designed to write the attributes of the existing Windows 2000 objects [CN and Display Name] to a file. After the migration, the post-process script writes those attributes (from the file) back to the Windows 2000 objects.
These scripts were required to perform these tasks because any non-null value for an object in the Windows 2000 domain will be overwritten by the source domain object's attributes during the migration process. The following scripts would be used at the same time. For more on scripting, please see the on-line help in Domain Migration Administrator.
PLEASE NOTE: Scripting is NOT Supported by NetIQ for DMA. If you wish to seek NetIQ services for scripting solutions, please contact your Sales Representative about our 'Custom Solutions' group.
' Reset the varset entries
settings.put "GotOldValues", "No"
settings.put "OldCN", ""
settings.put "OldDisplayName", ""
' Setup an ADO query on the AD to get the values from the target object.
Set con = CreateObject("ADODB.Connection")
Set rs = CreateObject("ADODB.Recordset")
Set Com = CreateObject("ADODB.Command")
'Open a Connection object.
con.Provider = "ADsDSOObject"
con.Open "Active Directory Provider"
'Create a command object on this connection.
Set Com.ActiveConnection = con
'Set the query string.
strName = Settings.get("CopiedAccount.SourceSam")
Com.CommandText = "<LDAP://" & Settings.get("Options.TargetDomain") & ">;(samAccountName=" & strName & ");ADsPath,sAMAccountName,cn,displayName"
'Set the preferences for Search.
Com.Properties("Page Size") = 1000
Com.Properties("Timeout") = 30 'seconds
'Execute the query.
Set rs = Com.Execute
' save the display name and CN for later
If rs.RecordCount = 1 Then
settings.put "OldCN", rs.Fields(2).Value
settings.put "OldDisplayName", rs.Fields(3).Value
settings.put "GotOldValues", "Yes"
' Check if we were successful in getting the values
done = Settings.get("GotOldValues")
if ( done = "No" ) then
'Did not get the values so exiting
' retrieve the values we saved earlier
oldCN = Settings.get("OldCN")
oldDispName = Settings.get("OldDisplayName")
' reset the display name to the old value
' reset the cn to the old value
Set parentOU = GetObject(TargetObject.Parent)
path = TargetObject.ADsPath
Set pTemp= parentOU.MoveHere(path, "CN=" & oldCN)
'Update the varset with the proper values
Settings.put "CopiedAccount.TargetName", pTemp.Name
Settings.put "CopiedAccount.TargetPath", pTemp.ADsPath