Jun 19, 2007

Migrating users from a Workgroup to a Domain

I found this post at Ask The Admin, which is a pretty cool blog where users can post questions about various computer or technology issues. This comes from a guy wanting to know how to migrate pre-existing users from a small workgroup network to a domain environment. The following is re-printed with permission from Ask the Admin:

"...John from Downtown Manhattan wants to know what the best way to migrate his users from a Windows 2003 standalone server into a fresh new domain.

Well John we have just completed something very similar with the assistance of microsofts addusers.exe command and l0phtcrack for password retrieval. Addusers.exe can be found on the windows 2000 resource cd or from microsoft.com. Using addusers.exe with the /d switch we were able to extract to a text file all of our local users, groups and descriptions. But we were unable to export passwords... Thats where l0phtcrack came in we ran this against our local server and recovered all 250 user passwords in under 24 hours.

Then after joining the machine to our freshly created domain we used the adduser.exe to import the user information from the text file we exported using the /c script. We then went in manually and set the passwords. You could also leave the option to require the user to change their password on the next logon. Below you will find the syntax for addusers.exe.

Adds, Writes, or Erases accounts as specified by a delimited file.

ADDUSERS {/c/d{:u}/e} filename [/s:x] [/?] [\\computernamedomainname] [/p:{lced}]

/? Display this help screen.
/c Create accounts specified in the file.
/d: Write current accounts to the specified file, opt. followed by {:u}.
u Write current accounts to the specified file in Unicode text format.
/p: Set's account creation options, followed by an comb. of {lced} l Users do not have to change passwords at next logon. c Users cannot change passwords. e Passwords never expire. (implies l option) d Accounts disabled.
/e Erase user accounts specified in the file.
/s:x Sets the separator character for the input/output file. Replace the x with the character to be used for separating fields. (e.g. /s:~)

Note: The separator character is a comma ',' by default.
For detailed information please refer to the Resource Kit Help file."

Don't Forget your Bauer-Power Gear!

Twitter Delicious Facebook Digg Stumbleupon Favorites More

Design by Free WordPress Themes | Bloggerized by Lasantha - Premium Blogger Themes | stopping spam