Sys-Manage Logo
SSL | Register | Login Sunday, October 25, 2020 Flag en-US 
Search
 

Cluster Services Cross Domain Migration

 
This video explains how to use CopyRight2 to migrate file shares, NTFS permissions, Active Directory users and groups between cluster servers configured as members in two different domains. In this example the source cluster is running Windows® 2003 R2 and the destination cluster Windows® 2012 R2.
  Environment  

In this demo case there is a clustered Windows 2003 R2 file server in a domain called "DomainC.Com" that gets migrated to a Windows 2012 R2 cluster located in domain "DomainB.Com". The source cluster's file server resource is called "Cluster2K3R2" and the target cluster's file server resource goes by the name of "Cluster2K12FS". Copyright2 is installed on the target and the data will be pulled in this example.

Both clusters have their shared disks through iSCSI. There is a quorum drive Q:, an R: drive containing the home share data and a S: drive containing the group share data.

The source cluster hosts group and home shares. The NTFS and share level permissions use global groups and user accounts of the source domain "DomainC.Com" that need to get migrated to the target domain "DomainB.Com". As a reminder, a Windows cluster does not have local groups defined on the member server itself, because those would exist on the cluster node. All groups have to be domain accounts (domain local groups, domain global groups and domain user accounts).

If newer Windows versions were used, or if running it on the source, the same settings could be used. You could also migrate from a non-clustered file server to a cluster or from a cluster to a non-clustered file server or NAS system. CopyRight2 supports Windows 2000 up to Windows 2019 and a wide variety of NAS storage solutions (NetApp, EMC, Hitachi, Synology, TrueNAS, FreeNAS, Netgear...).

  Settings (Homeshares)  

Job Type
Data Migration

Name and Description Page
Name: Cluster Homeshare Migration

Source and Destination Page

Source Destination
\\Cluster2K3R2\R$\Homeshares \\Cluster2K12R2\R$\Homeshares


Synchronization: Add/Update/Delete

User and Group Filter Page
User: Enabled (Add/Update)
Global groups: Enabled (Add/Update)

User and Group Options Page
Local group memberships: Enabled (Add/Remove)
Global group memberships: Enabled (Add/Remove)
Migrate user passwords: Enabled
Global group members: Enabled (Add/Remove)

Active Directory Options Page
Migrate OU & container structure: LDAP://DC-domainb,DC=com

File Shares Page
Include file shares located at specified folder(s) and below: Enabled (Add/Remove)

  Settings (Groupshares)  

Job Type
Data Migration

Name and Description Page
Name: Cluster Groupshare Migration

Source and Destination Page

Source Destination
\\Cluster2K3R2\S$\Groupshares \\Cluster2K12R2\S$\Groupshares


Synchronization: Add/Update/Delete

User and Group Filter Page
User: Add/Update
Global groups: Add/Update

User and Group Options Page
Local group memberships: Enabled (Add/Remove)
Global group memberships: Enabled (Add/Remove)
Migrate user passwords: Enabled
Global group members: Enabled (Add/Remove)

Active Directory Options Page
Migrate OU & container structure: LDAP://DC-domainb,DC=com

File Shares Page
Include file shares located at specified folder(s) and below: Enabled (Add/Remove)

  Notes  

In this example use case, there is no domain local groups and therefore the migration option for local groups was not enabled. If there were domain local groups as well, you would have to enable the migration of local groups as well.

You could as well use additional "User & Group Migration" type of jobs, if you would like to separate the account from the resource migration. In this case you would not need to enable the account migration options in the "User and Group Filter" page of the data migration job.

If migrating from a regular file server running on a member-server to a cluster and there are local groups (or local users) on the member server, please make sure to enable the "Create users & groups in destination domain" option to convert those to domain groups and users, because Windows clusters do not support those.

It is important that the clusters file server resource name is specified in the copy job and not the clusters node names. The CopyRight2 licenses on the other hand, have to be assigned to the cluster nodes NetBIOS names though. It is recommended that you assign a license to each cluster node, but it works with a single licensed node as well, as long as you ensure that this node owns the file server resource you want to migrate from or to.

The settings used assume that no users are working while the migration takes place. If you want to use an approach with multiple passes (pre-copy/final copy) you additionally have to enable either the "Ignore errors resulting from locked files" ("Error Processing" page) option for the pre-copy pass(es) to prevent errors from occuring because of locked files.

  Video  
  Download  

Copyright © Sys-Manage, 1998-2020. All Rights Reserved.

Privacy Statement
Terms Of Use