Hello,
Thank you for posting the question on the Microsoft Windows forum!
Migrating a WS2012R2 Active Directory .local domain to a WS2025 .com domain requires careful planning. The following are key points and potential issues to consider when performing the domain migration.
- Domain Name Change Impact: Changing from .local to .com affects authentication, Group Policy Objects (GPOs), and application dependencies.
- User Principal Name (UPN) Updates: Since UPNs are already in use for Entra ID sync, ensure that the new domain suffix is properly registered and verified in Microsoft Entra ID.
- Group Policy Migration: Policies tied to the old domain may need to be recreated or adjusted.
- Service Account Dependencies: Applications relying on service accounts may need reconfiguration.
- DNS and Certificate Updates: Ensure that DNS records and SSL certificates reflect the new domain.

The Active Directory Migration Tool (ADMT) can be useful for migrating users, groups, and computers between domains. However, ADMT v3.2 has known issues and limited support. You can check the following articles for further reference about ADMT.
- https://learn.microsoft.com/en-us/troubleshoot/windows-server/active-directory/support-policy-and-known-issues-for-admt
- https://www.microsoft.com/en-us/download/details.aspx?id=56570

To maintain the existing Entra ID sync, given that the UPNs are already in use for syncing to Entra ID, you can refer to the articles below for further information.
- https://learn.microsoft.com/en-us/entra/identity/hybrid/connect/howto-troubleshoot-upn-changes
- https://learn.microsoft.com/en-us/troubleshoot/entra/entra-id/user-prov-sync/use-upn-matching-identity-sync
- https://learn.microsoft.com/en-us/entra/identity/hybrid/connect/tshoot-connect-sync-errors#invalidsoftmatch

Hope the above information is helpful!
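For the UPN point in the list above, one way to check before migrating which UPN suffixes in use are not verified domains in Microsoft Entra ID. This is an added example, not part of the original answer or of any Microsoft tooling; the function name `Get-UpnSuffixReport` and the contoso sample values are constructed for illustration.

```powershell
# Added example: report how many users carry each UPN suffix and whether that
# suffix is a verified Entra ID domain. Function name and sample data are constructed.
function Get-UpnSuffixReport {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory)][AllowEmptyString()][string[]]$UserPrincipalName,
        [Parameter(Mandatory)][string[]]$VerifiedDomain
    )
    # Case-insensitive lookup of the verified domain names
    $verified = [System.Collections.Generic.HashSet[string]]::new(
        [string[]]$VerifiedDomain, [System.StringComparer]::OrdinalIgnoreCase)

    $UserPrincipalName |
        ForEach-Object {
            # Accounts with an empty or malformed UPN get their own bucket
            $at = if ($_) { $_.LastIndexOf('@') } else { -1 }
            if ($at -lt 1) { '(missing or malformed UPN)' } else { $_.Substring($at + 1) }
        } |
        Group-Object |
        ForEach-Object {
            [pscustomobject]@{
                Suffix   = $_.Name
                Users    = $_.Count
                Verified = $verified.Contains($_.Name)
            }
        } |
        Sort-Object Verified, Suffix   # unverified suffixes listed first
}

# Constructed sample input so the block runs without a domain controller.
$sampleUpns = @(
    'alice@contoso.com', 'bob@contoso.local', 'carol@CONTOSO.com',
    'svc-backup@contoso.local', ''
)
$sampleVerified = @('contoso.com', 'contoso.onmicrosoft.com')

Get-UpnSuffixReport -UserPrincipalName $sampleUpns -VerifiedDomain $sampleVerified |
    Format-Table -AutoSize

# With real data (ActiveDirectory and Microsoft.Graph modules), the inputs would be:
#   $upns     = Get-ADUser -Filter * | ForEach-Object { [string]$_.UserPrincipalName }
#   $verified = Get-MgDomain | Where-Object IsVerified | Select-Object -ExpandProperty Id
```

Rows with `Verified` set to `False` are the accounts to review before relying on UPN matching during the sync.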