ADMT Usage Notes

Here is a short list for using ADMT 3.0

1) Install ADMT

Installing Password Export Server Service

2) Create ADMT Password Migration Key with

      admt key /option:create /sourcedomain:DOMAIN /keyfile:c:key /keypassword:Password01

3) Move the keyfile and the Pwdmig.msi file to the new source server and install the file
    Note: Use another account than LocalSystem for ease of use later.
4) Edit the key HKEY_LOCAL_MACHINESYSTEMCurrentControlSet
    ControlLsaAllowPasswordExport and set it to 1
5) Start the Password Export Server Service
6) Add the Service Account to Domain Admins in the target domain
7) Add the account running ADMT to the Domain Admins in the source domain (or run the as an admin
    account for source domain)
8) Run ADMT

Migrating Users


Troubleshooting for User Migration

If you get the following error:

2006-03-06 14:07:25 ERR2:7435 SID History cannot be updated for USERNAME. This operation requires the TcpipClientSupport registry key to be set on domain.local. Changes to the TcpipClientSupport registry key require a restart to take effect. rc=6.

Try running the migration as a domain admin from the source domain. It needs to be added to the domain admins in the target domain.

Migrate Computers

It is important that computer migration is run as administrator for the source domain otherwice the Pre-Check will not work


Leave a Reply