Dns Migration Tool
Set DHCP server on Source Subnet to use DNS server of Target Domain as primary and use Source DNS as secondary. Use GPO to disable all firewalls and set ADMT service account in Administrators group of all systems. The Password Migration utility wasn't needed to move Computer Accounts.
This post will cover the process of migrating computers from the source domain to the target domain.
Hi Experts,I'm testing the migration of test objects from source to target domain (interforest), so far the steps below have been succesfull- Migrated test Global Group- Migrated test user (disabled in target)- Translate Profile (Replace mode)When i try to do the next step which is migrating the test computer i get the below errorERR2:7711 Unable to retrieve the DNS hostname for the migrated computer '####-DT10732.############ ########## ####. Issue has been fixed.the error msg is a bit vague from the admt console log (the one in the question subject) but when i checked further the issue by going to the agent logs files through windows explorer on the target DC where ADMT is installed i found another error msg which is more related to the cause of this issue, see below.ERR3:7075 Failed to change domain affiliation, hr=800704f1 The system detected a possible attempt to compromise security.
Admt Requirements
Please ensure that you can contact the server that authenticated youbasically the issue is that the machine can't authenticate to the new 2008 R2 DC as it uses a weaker netlogon authentication algorithm wich is a feature rathan then an issue in Server 2008. To fix this issue you have to Allow cryptography algorithms compatible with Windows NT 4.0.FIXIn the Group Policy Management Editor console, expand Computer Configuration, expand Policies, expand Administrative Templates, expand System, click Net Logon, and then double-click Allow cryptography algorithms compatible with Windows NT 4.0.After these changes i was able to migrate machines.