One good thing about cloud migration is accessing managed companies, which may scale back operational overhead. For organizations working in Microsoft-centered environments, Google Cloud presents a highly-available, hardened Managed Service for Microsoft Lively Listing working on Home windows digital machines. Managed Microsoft AD supplies advantages equivalent to automated AD server updates, upkeep, default safety configurations, and desires no administration or patching.
Most organizations adopting Managed Microsoft AD might be migrating from an current on-premises AD deployment. Sometimes, when migrating Lively Listing objects, current customers can not proceed to entry sources within the new area until safety identifier (SID) historical past is preserved. This could result in further work for directors because the permissions have to be recreated put up migration.
To make migrations extra seamless and eradicate additional effort, we’re excited to announce a brand new functionality in Managed Microsoft AD: assist for the migration of AD customers with SID historical past, now out there in Preview. Now, customers can retain historic Entry Management Listing (ACL) entries in order that customers can entry sources with out having to recreate useful resource permissions post-migration.
Steps emigrate on-premises AD customers to Managed Microsoft AD
To get began, you need to use Lively Listing Migration Instrument (ADMT) emigrate an on-premises AD area to Managed Microsoft AD particularly with SID historical past.
1. Put together your on-premises Lively Listing and Managed Microsoft AD
As a prerequisite for migration, customers have to arrange a two-way belief between current on-premises AD area and new Managed Microsoft AD area.
Both a single consumer or a crew throughout the customers’ group can carry out the migration actions. When a crew is concerned, we advocate including the crew members to a website native group in Managed Microsoft AD. Customers can connect with a Managed Microsoft AD area and use the usual Lively Listing instruments equivalent to Lively Listing Customers and Computer systems (ADUC) that’s a part of RSAT: Lively Listing Area Companies for including these customers to the area native group. Do not forget that customers want so as to add this area native group to the pre-created teams in Managed Microsoft AD, after enabling permissions as described in step three.
2. Put together a Google Compute Engine Digital Machine and arrange ADMT
As a subsequent step, set up and arrange Microsoft Lively Listing Migration Instrument (ADMT) and Microsoft SQL Server 2016 Specific on a Google Compute Engine Digital Machine. You might want to guarantee that this VM isn’t a website controller after which be part of the VM to Google Cloud Managed Microsoft AD area.
three. Allow permissions on Managed Microsoft AD
After customers put together the on-premises Lively Listing and Managed Microsoft AD, they will allow the required permissions in Managed Microsoft AD emigrate the customers with SID Historical past. You should utilize the next gCloud CLI command:
