The requirements for an Intra-Forest migration differ considerably from those for an Inter-Forest migration.
Intra-Forest Migration: migration between domains of the same Forest.
Inter-Forest Migration: migration between domains of different Forests.
What is the difference and how can QMM help with the single SID problem?
What is the biggest difference between Intra-Forest and Inter-Forest migration?
In my eyes the biggest difference is how user accounts are moved from one domain into another.
- During an Intra-Forest migration user accounts are moved
- During an Inter-Forest migration user accounts are copied
For an Intra-Forest migration, this means that the source user is deleted and a new user is created at the new destination. In huge enterprise environments this seems to be an insurmountable obstacle, because the source account is deleted during the migration.
Source user and target user during an Intra-Forest Migration with QMM
The Quest Migration Manager (QMM) can help with that by allowing the source and target accounts to coexist during an Intra-Forest migration. But be careful with SID-History. The SID-History attribute can take on the SID (Security Identifier) of the source object during a migration between domains:
- For an Inter-Forest migration this is common practice and has proven itself.
- For an Intra-Forest migration there are differing statements from Microsoft Support.
The reason is that there can be only one SID per Forest. In an Intra-Forest migration the SID would exist twice, once in the source object and once in the target object, and hence also twice in the Global Catalog. This can lead to the following problem: when an application resolves a SID to a user account, it receives two replies from two different domains. That is why you should talk to Microsoft Support when thinking about using this feature.
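The duplicate-SID condition described above can be checked for in an export of the Global Catalog. The following is an added example, not code from this post or from Quest: the row layout (`dn`, `objectSid`, `sIDHistory` as strings), the function names, and all sample accounts and SIDs are assumptions made up for illustration.

```python
from collections import defaultdict

# Constructed sample: rows as they might come from a Global Catalog export.
# All names and SIDs are made up.
GC_EXPORT = [
    {"dn": "CN=Alice,OU=Users,DC=source,DC=corp,DC=example",
     "objectSid": "S-1-5-21-1111111111-2222222222-3333333333-1105",
     "sIDHistory": []},
    # Coexisting target account: carries the source SID in sIDHistory.
    {"dn": "CN=Alice,OU=Users,DC=target,DC=corp,DC=example",
     "objectSid": "S-1-5-21-4444444444-5555555555-6666666666-2210",
     "sIDHistory": ["S-1-5-21-1111111111-2222222222-3333333333-1105"]},
    # Bob's source object no longer exists, so his old SID is held only once.
    {"dn": "CN=Bob,OU=Users,DC=target,DC=corp,DC=example",
     "objectSid": "S-1-5-21-4444444444-5555555555-6666666666-2211",
     "sIDHistory": ["S-1-5-21-1111111111-2222222222-3333333333-1106"]},
]


def domain_of(dn):
    """Build the DNS-style domain name from the DC= components of a DN.

    Assumes the DC= components themselves contain no escaped commas.
    """
    parts = [p.strip() for p in dn.split(",")]
    return ".".join(p[3:] for p in parts if p.upper().startswith("DC="))


def find_sid_collisions(entries):
    """Return {sid: [(domain, dn, attribute), ...]} for SIDs held by >1 object."""
    holders = defaultdict(list)
    for e in entries:
        dom = domain_of(e["dn"])
        holders[e["objectSid"].upper()].append((dom, e["dn"], "objectSid"))
        for sid in e.get("sIDHistory", []):
            holders[sid.upper()].append((dom, e["dn"], "sIDHistory"))
    # A collision is one SID that maps to more than one distinct object.
    return {sid: h for sid, h in holders.items()
            if len({dn for _, dn, _ in h}) > 1}


if __name__ == "__main__":
    for sid, h in find_sid_collisions(GC_EXPORT).items():
        print(sid, "resolves to", len(h), "objects:")
        for domain, dn, attr in h:
            print(f"  {domain}: {dn} ({attr})")
```

Each reported SID is one that a lookup against the Global Catalog could resolve to two objects in different domains of the same Forest.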
Talking from experience
It might not sound that easy, but I know that some migration projects performing Intra-Forest migration with SID-History have been successful. 🙂