AD Migration to AWS but changing the domain name

0

Hello, what I want to do is migrate my on-prem AD to AWS Managed, keeping users, GPOs, settings, computers and files, but I want to change the name of my domain.

I would like to know what the best way to do this is. Do I need to create a server in AWS by creating this new domain, create a trust relationship between the old and new domain, and migrate all the stuff?

Thank you for your reply.

2 Answers
0

Hello,

Greetings!! Thank you for contacting us!

I understand that you want to know the best way for AD Migration to AWS while changing the domain name.

First of all, there are multiple approaches you can choose from to migrate from on-premises AD to AWS Managed AD, depending on your use case. For example, you may want to have the passwords and SID history migrated along with users, computers and groups, or you may want to have the user names with some basic attributes migrated to the AWS Managed AD. Depending on the scenario, you can choose any of the approaches below.

  1. Using ADMT [1] for a more comprehensive migration from on-premises AD to AWS Managed AD. This approach involves multiple steps and requires multiple administrative tasks and changes. Details on this can be found here [2]. You always need to have different source and target domain names in order to use ADMT.

  2. Another, simpler approach would be to use csvde to export basic user information and metadata, then import it to create similar users on the target AD side [3]. This approach is suitable for basic use cases.

Generally, the plan goes as follows:
1) Create the VPC network infrastructure.
2) Create the AWS Managed Active Directory with the new domain name.
3) Create a management server to manage the AWS Managed AD.
4) Create a two-way forest trust between the on-premises AD and the AWS Managed AD.
5) Use the ADMT tool to migrate users, passwords and groups from on-premises to the AWS Managed AD.

Please follow the steps mentioned in the links shared above to achieve your goal.

I hope the above information is helpful.

Thanks again for reaching out to us! Looking forward to hearing from you.

Reference:

[1] Active Directory Migration Tool (ADMT) Guide: https://www.microsoft.com/en-us/download/details.aspx?id=19188
[2] Migrate your on-premises domain to AWS Managed Microsoft AD using ADMT: https://aws.amazon.com/blogs/security/how-to-migrate-your-on-premises-domain-to-aws-managed-microsoft-ad-using-admt/
[3] CSVDE migrate Your Microsoft Active Directory Users: https://aws.amazon.com/blogs/security/how-to-migrate-your-microsoft-active-directory-users-to-simple-ad/

AWS
SUPPORT ENGINEER
Ankur_V
answered 3 months ago
  • Hi, thank you very much for your detailed reply, I appreciate it. It's going to help me a lot. Have a good day.
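
For the csvde route (approach 2) combined with a domain rename, the exported DNs and UPNs still name the old domain, and a full export also carries source-owned attributes such as objectSid. The following is an added example, not code from the answer or the linked AWS posts: a Python filter that rewrites a csvde export for the new domain. The attribute allowlist, the domain names, the target container DN and the sample rows are all constructed assumptions.

```python
import csv
import io

# Constructed csvde-style export: header of attribute names, DN first.
SAMPLE = r"""DN,objectClass,sAMAccountName,userPrincipalName,givenName,sn,objectSid
"CN=Doe\, Jane,OU=Staff,DC=old,DC=example",user,jdoe,jdoe@old.example,Jane,Doe,X'0105'
"CN=PC01,CN=Computers,DC=old,DC=example",computer,PC01$,,,,X'0106'
"CN=Guest User,OU=Staff,DC=partner,DC=example",user,guest,guest@partner.example,Guest,User,X'0107'
"""

# Assumed allowlist of basic attributes; anything else (objectSid, ...) is dropped.
KEEP = ("DN", "objectClass", "sAMAccountName", "userPrincipalName",
        "givenName", "sn", "displayName", "mail")

def split_dn(dn):
    """Split a DN on unescaped commas; an escaped comma stays inside its RDN."""
    parts, cur, i = [], "", 0
    while i < len(dn):
        step = 2 if dn[i] == "\\" else 1   # keep the escaped character with its backslash
        if dn[i] == ",":
            parts.append(cur)
            cur = ""
        else:
            cur += dn[i:i + step]
        i += step
    return parts + [cur]

def rewrite_export(text, old_domain, new_domain, target_container):
    """Return (csv_text, skipped_DNs) with user objects re-homed in the new domain."""
    reader = csv.DictReader(io.StringIO(text))
    fields = [f for f in reader.fieldnames if f in KEEP]
    out = io.StringIO()
    writer = csv.DictWriter(out, fieldnames=fields, extrasaction="ignore")
    writer.writeheader()
    old_sfx = ",".join("DC=" + p for p in old_domain.split(".")).lower()
    skipped, depth = [], old_sfx.count(",") + 1
    for row in reader:
        rdns = split_dn(row["DN"])
        in_old = ",".join(rdns[-depth:]).lower() == old_sfx
        if row["objectClass"] != "user" or not in_old:
            skipped.append(row["DN"])      # non-user object or object of another domain
            continue
        row["DN"] = rdns[0] + "," + target_container   # keep only the leaf RDN
        name, _, dom = (row.get("userPrincipalName") or "").rpartition("@")
        if name and dom.lower() == old_domain.lower():
            row["userPrincipalName"] = name + "@" + new_domain
        writer.writerow(row)
    return out.getvalue(), skipped
```

Passwords and SID history are not carried by this route, which is why the answer points to ADMT when those are needed; the returned list of skipped DNs is worth reviewing before any import.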

0
EXPERT
answered 3 months ago
