AD Migration to AWS but changing the domain name

Question

Hello, what I want to do is to migrate my on prem AD by keeping user, GPO, settings, computer, files to AWS Managed but I want to change the name of my domain.

I would you like to know what is the best way is to do this.
Do I need to create server in AWS by creating this new domain, create a trust relationship between the old and new domain and migrate all the stuff?

Thank you for your reply.

Answer

Hello,

Greetings!! Thank you for contacting us!

I understand that you want to know the best way for AD Migration to AWS while changing the domain name.

First of all actually there are multiple different approaches which you can choose to migrate to AWS manage AD from on premise AD, depending on your use cases. For example, if you want to have the passwords, SID history migrated along with users, computers and groups or you would like to have the user names with some basic attributes migrated to the AWS managed AD. Depending on the scenario you can choose any of the approaches below.

1.  **Using ADMT [1] for a more comprehensive migration from on premise AD to AWS managed AD. This approach involves multiple steps and requires multiple administrative tasks and changes. Details on this can be found here [2]. You always need to have different source and target domain names in order to use ADMT.

2. Another simpler approach would be to use csvde export to export basic user information and metadata then import to create similar users on the target AD side [3]. This approach is suitable for basic purpose use cases.

**Generally the plan goes like below:    
	1) Create the VPC Network Infrastructure.  
	2) Create AWS Managed Active Directory with the new domain name.  
	3) Create Management server to manage the AWS managed AD AD.  
	4) Create a Two-way forest trust between On-Premise AD & AWS Managed AD.  
	5) Use ADMT tool to migrate users, passwords & groups from On-Premise to AWS Managed AD.

Please follow the steps mentioned in the links shared above to achieve your goal.

I hope the above information is helpful.

Thanks again for reaching out to us! Looking forward to hearing from you.

Reference:
=========
[1] Active Directory Migration Tool (ADMT) Guide: https://www.microsoft.com/en-us/download/details.aspx?id=19188  
[2] Migrate your on-premises domain to AWS Managed Microsoft AD using ADMT: https://aws.amazon.com/blogs/security/how-to-migrate-your-on-premises-domain-to-aws-managed-microsoft-ad-using-admt/.   
[3] CSVDE migrate Your Microsoft Active Directory Users: https://aws.amazon.com/blogs/security/how-to-migrate-your-microsoft-active-directory-users-to-simple-ad/.

Answer

i offer you to review the following official documentation 
https://docs.amazonaws.cn/en_us/directoryservice/latest/admin-guide/ms_ad_migrate_users.html

AD Migration to AWS but changing the domain name

Reference:

相關內容