![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(153.6, 33%, 24%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ETD%3C/text%3E%3C/svg%3E)
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
19,451 questions
Quest is great - make sure trust relationship and DNS forwarding are set up correctly between target and source domains, and enable SID history... this allows the migrated users to access resources in the source domain seamlessly until you have moved all resources over to the new domain.
While Quest can handle the workstation migration, I've long been in the habit of using ProfWiz.exe https://www.forensit.com/ for the workstation migrations. It is so simple to use and leaves the user with exactly the same profile in the new domain. I have never had a failure using this tool, and quite often the user barely notices they are logging into new domain.
Give the users plenty of notice so they know what is happening... but there should be minimal issues if you have set up the trust, DNS and Quest correctly.
With the pilot, it is a critical to capture sufficient cross-section of users so you can cover off testing of all core apps and iron out any niggles before the main migration.
Things that can may cause issues:
- DNS resolution (should be okay if forwarding is correctly configured)
- User or machine certificates required for resource access in source domain (Wi-Fi, user certs for app auth etc.)
Good luck!