How do I merge user properties from the source and target domains? (NETIQKB10665)

  • 7710665
  • 02-Feb-2007
  • 09-Oct-2007


How do I merge user properties from the source and target domains?

Domain Migration Administrator 6.x

Domain Migration Administrator 7.x


Domain Migration Administrator (DMA) does not 'merge' user properties from the source account with those of an existing account in the target domain.  It can update an existing account with the properties of an account in the source domain.

If the accounts have the same SamAccountName, DMA will find that these account conflicts.  The conflict options that you have configured in DMA will then be followed.  To update the existing account with the properties of the source account, you should select the option to Replace and Update conflicting accounts.  Selecting 'Replace and Update' will copy all the properties from the migrated account to the existing target account, and will allow you to migrate SID history.  If the source account does not have the same SamAccountName as the target account, then database modeling and/or scripting must be utilized to give the new account a SamAccountName that matches that of an existing account, so that the migrated account will conflict with the existing account when it is migrated.

This can be done if you use the following procedure for migrating both "DomainA\User1" and "DomainB\User1" to "DomainC\User1":

  1. Migrate "DomainA\User1" to "DomainC\User1", by selecting Migrate accounts SIDs to target domain.
    • Note: This is in a DMA project where "DomainA" is the source and "DomainC" is the target.
    • Note:  Step 2 is only needed if you are migrating two different users from the same domain (DomainA\User1 and DomainA\User2).
  2. Go to Select Objects wizard and remove "DomainA\User1" from the project.
    • Note: Steps 3 and 4 are only needed if the samAccountName of "DomainA\User1" and "DomainB\User1" are different.
  3. Import data for data modeling in a DMA project where "DomainB" is the source,"DomainC" is the target.
  4. Edit user data with database modeling to change the samAccountName of "DomainB\User1" to make it identical to the samAccountName (downlevel user logon name) of "DomainC\User"1.
  5. Migrate "DomainB\User1",  by selecting Migrate data using modeling database as source (if step 4 applies), Migrate accounts SIDs to target domain and Replace and Update conflicting accounts.
  6. "DomainC\User"1 will now have both source SIDs in its SID history attribute, and will be able to access resources using SID history.

Additional Information

Formerly known as NETIQKB10665