Information Technology Services (ITS)
University of Memphis Photo
Manual Profile Migration Process Related Topics

Active Directory Support

Manual Profile Migration Process As Performed by Enrollment Services

Documentation derived from Rev 4. 04/04/2005 by AATech Staff

Note: the documentation is a sample of the documentation specific for a particular department. You may find it helpful in preparing your migration into Active Directory.

Items in Bold require the user to be there for authentication.

Items in Red are multi-part and need to be done in a specific manner and/or sequence.

  1. Log on as the user.
  2. Make sure the user and Domain Admins from Enrollment are local administrators on the box. Note: the user may be an administrator on the box by virtue of belonging to a Security Group such as Registrar, Admissions, StudentAid, etc.
  3. Verify “My Documents" is pointed to H:\My Documents. This should be the case for all Enrollment users.
  4. Have the user attempt to use their current Enrollment password for their AD password. If their current Enrollment password is not AD compliant, have them pick a new password for AD and then change their Enrollment password to match it. Make sure they know that these passwords are independent of their VAX/SIS password so changing these passwords DOES NOT change the password they use for getting into the VAX/SIS. The goal of this step is to make sure their AD password and Enrollment password are the same.
  5. Use the iAM site to update the user's profile and home directory information accordingly.
  6. Verify that their UUID matches their Enrollment login ID.
  7. Log off the user.
  8. Log into the computer as the Enrollment Domain administrator; it may take a couple of minutes to log in to this account but you will eventually get to the desktop.
  9. Remote desktop into AATECH3 as Enrollment Domain administrator and take ownership of the user's profile directory (e.g., d:\profiles\rjax); make sure to select the checkbox for “Replace owner on sub-containers and objects". This should result in administrators having full control on the user's profile directory.
  10. Log off of AATECH3.
  11. Remote desktop into AATECH2 using your UOM credentials.
  12. Map z: drive to \\AATECH3\d$ using the Enrollment Domain admin credentials.
  13. Copy z:\users\<uuid> to d:\users (e.g., copy z:\users\rjax to d:\users). NOTE: This will result in the entire user's data directory from aatech3 being copied to a new location on aatech2. MAKE SURE YOU COPY the data, DO NOT MOVE IT.
  14. Verify the sizes of the user's data folders on AATECH3 and AATECH2 are the same.
  15. Set the appropriate permissions for the user's new folder on AATECH2
    1. Right click on D:\profiles\<uuid> and select Properties. Click the Security tab. Click the Advanced button. Uncheck the box that says “Inherit from parent…". A dialog box will pop up; click Copy. Click OK.
    2. Set folder security: Verify that Administrators and SYSTEM have Full Control on the user's data directory. Add the user and give them full control as well. Remove “Users" from the list.
    3. Create share
    4. Set share security.
  16. Copy z:\profiles\<uuid> to d:\profiles (e.g., copy z:\profiles\rjax to d:\profiles). Note: this will result in the entire profiles directory for this user on aatech3 to be copied to aatech2. MAKE SURE YOU COPY the profile, DO NOT MOVE IT.
  17. Verify the sizes of the user's profile folders on AATECH3 and AATECH2 are the same.
  18. Give user full control on d:\profiles\<uuid>
  19. Verify that Administrators and SYSTEM have full control on user's profile directory.
  20. Log off of AATECH2.
  21. Verify the Computer Name for the computer is correct.
  22. Move the computer from the Enrollment Domain to the Enrollment Workgroup
  23. Restart the computer.
  24. Log in as the local administrator.
  25. Join the computer to the UOM domain; do NOT restart at this time.
  26. Add UOM\<uuid> and UOM\LSP-ACADAFF to the local administrators group.
  27. Restart the computer.
  28. Log on as UOM\<uuid> Explain to the user the use of uuid@memphis.edu for logging on.
  29. Verify profile transfer (desktop should look identical including background).
  30. Create a test folder or file on the user's desktop.
  31. Log the user off, verify no errors (such as profile errors) while logging out.
  32. Log in as UOM\<uuid>.
  33. Verify that no profile errors occur and that the test folder or file appears on the user desktop.
  34. Set up corresponding network printers on AATECH6. Print a test page for each one then test their printing from an application. Make sure to set the correct printer as their default printer. After confirming proper operation of printers located on AATECH6, delete any printers from Enrollment-NT35, AATECH3 or AATECH5.
  35. Test the e-mail functionality.
  36. Test access to ALL network drives including their H:\ drive.
  37. Test applications that are critical to the user.
  38. Then test commonly used applications such as Office.
  39. Attempt a simple edit of an existing file located on their H:\ drive and save that change. Close the file then open it back up to verify the change they made is still there. After verifying, undo the change, save, and close the application.
  40. Fix any broken items as necessary.

Benefits

FAQs

AD Presentation by Jeremy Dennis

Learning Events

The material below originates from the training given by ExecuTrain to the LSP support community:

Project

Active Directory Rollout 2006
Click to enlarge

Text Only | Print | Got a Question? Ask TOM | Contact Us | Memphis, TN 38152 | 901/678-2000 | Copyright 2013 University of Memphis | Important Notice | Last Updated: 
Information Technology Services | 100 Administration Bldg. | Phone: 901.678.8888 | Email: UMTech@memphis.edu
Last Updated: 3/25/14