This guide is designed to provide a quick reference for getting set up with a Active Directory project. At the end of this guide you will be familiar with supported setups, basic requirements, and deployment components. This guide assumes some familiarity with the Active Directory platform and in particular Directory Sync.
The word ‘Devices’ in a Active Directory context refers to workstations or servers. That is, the domain joined end-user computers on your network which you will be migrating.
This guide covers the setup of a one-way device migration scenario between one (1) source local Active Directory environment and one (1) target local Active Directory environment.
This guide does not specifically cover File Share and Network Storage migration, Group and other resource migration, or consolidation or divestiture scenarios. However, those operations can easily be performed following onto the information provided in this guide.
A typical device migration can be broken into 4 easy steps to get started quickly.
Set up Directory Sync
Install the Active Directory Agent
Set up Active Directory Profiles and Configurations
Perform migration activities ReACL and Cutover of Devices
The first step in a Active Directory Device migration is to set up one-way directory synchronization between the source and target local environments. Active Directory works on top of Directory Sync so we will set up this synchronization there.
Install Directory Sync agents in both the source and target using the standard configuration for directory synchronization as directed in the User Guide.
You will need source and target Directory Sync Environments defined which have Device objects included in the OU and object filter scopes. You will also need a Directory Sync Workflow using those Environments with at minimum a Read step and a Match step in order for those Devices to become visible in Active Directory.
Note: In order to successfully perform a migration and ReACL activities, User objects will also need to be read in from the source and target and matched. Those User operations can be performed in a separate Directory Sync Workflow, there is no need to include them in the Devices Workflow.
Should you choose to include User objects in the same Workflow with your Device objects you will need to include the Stage Data and Write out steps. If you go this route see also the Help Center for more information on the Device Migration Profile setting ‘Join to Existing Devices’.
Run the Workflow at least twice in order to verify that any object creations or matches which have been done in the target have been added to the Directory Sync database.
At this point Device Objects which have been Read In from the source Environment should appear in the Active Directory Devices + Servers page on the Not Ready Devices tab. If this has not happened troubleshoot the Directory Sync Environments and Workflow. Then proceed to Step Two when Not Ready Devices are showing up as expected.