How can I determine who has performed this task where SID history was migrated? (NETIQKB7150)

  • 7707150
  • 02-Feb-2007
  • 16-Aug-2007


How can I determine who has performed this task where SID history was migrated?

Domain Migration Administrator 6.x

Domain Migration Administrator 7.x

  1. Review the migration.log file.  This file is located on the DMA console in \Program Files\NetIQ\DMA\Logs.  This will give you the date and the time when a migration with SID History was performed.  This log is appended to for each migration task, but each migration begins with the line:  'Domain Migration Administrator and Server Consolidator Version 7.x (Build xx), Starting...' and will correspond to the date and time you ran the migration.
  2. When SID History is migrated, an event is recorded in the Security log of the target domain controller.  Once you have the date and time, you can browse or search the Security log for a Success Audit event at this time.  You can use the CN of the account that was migrated for additional search capabilities.  The User column will identify the account that was used to migrate this account.  Refer to NETIQKB7585 for details of the Account Management events that are logged.  For example, event 624 means User Account Created.  For auditing purposes, you may wish to archive the Security logs rather than purging them. An event is also logged on the source domain PDC/PDC Emulator. Since NT domains do not have SID History events, an event is logged for local group membership updates. During the SID History migration process the SID History API adds and removes users one at time to the sourcedomain$$$ local group. 
  3. If additional information is necessary, it is also possible to determine which Project was used to perform the task.  In the DMA console, when a project has been selected on the left pane, the center pane displays the Migration History of that project.  This Migration History states the date and time that the task was performed, and also displays the account that was used to perform the migration in the format DOMAIN\userid.
  4. To find this project, you can look at each project in the DMA MMC, or you can use Reporting, or you can use the Action History table in the protar database. To use DMA Reporting, in the left pane of the MMC, Expand the Project, expand Reports, expand Migration Tasks Performed, click on Action History. Then view the report on the right pane, or click on the Action History report name to generate the report.  Go through this looking for an action of Migrate User Accounts for the specific date.
  5. Using the Action History table is another way to determine which project was used to perform the migration task.  In this method, use Microsoft Access to open the protar.mdb file which is located in \Program Files\NetIQ\DMA.  Then, click on Tables, double click on Action History.  Go to the bottom row then work your way up, looking for the row called 'Options.Project'.  The value for this property will be the name of the Project that was used for the operation.  The ActionID is the same for all rows in that operation.  So, find the row where Options.Project has the value with the name of the project that was used in the Exchange mailbox translation, then go up to the next row for Options.Project, which will contain the name of the project that was used for the account migration.

WARNING: Changing the records in any DMA database table is not supported unless instructed to do so by NetIQ Technical Support.

Additional Information

Formerly known as NETIQKB7150