Troubleshooting Group Migration Issues

Applies To: Windows Server 2008, Windows Server 2008 R2, Windows Server 2012, Windows Server 2012 R2

Applies to: Active Directory Migration Tool 3.2 (ADMT 3.2)

This topic describes known issues related to migrating groups with the Active Directory Migration Tool.

Local group contains both source and target accounts when that account is migrated after you migrate the local group

When you migrate a member of a previously migrated local group, the source account for that member is not removed when the target member is added. If the member is migrated before you migrate the local group, only the target account member is added.

This is by design and applies to interforest migrations only.

Group member list is not updated for a group that includes a migrated group from a third domain

If you migrate a group, any groups in a third domain that include that original group as a member still refer to the group in the source domain. When you perform an intraforest migration, group members retain access to resources because the security identifier (SID) history is migrated automatically. When you perform an interforest migration, group membership must be fixed unless SID history is migrated.

Use the group migration wizard to migrate users that belong to nested groups

If Migrate associated user groups is selected, the User Account Migration Wizard only migrates the groups that the user is directly a member of. It does not migrate groups that the user is a member of through group nesting.

When you migrate groups by using the Group Account Migration Wizard, if Copy group members is selected, the wizard recursively migrates all users and groups that are members of that group, including groups that are members through group nesting.

Where the source domain has group nesting, we recommend that you migrate the objects that are affected by using the Group Account Migration Wizard, if you want to preserve group membership that is gained through such nesting.