The life and times of a Active Directory Logon Migration

This blog is going to be about an active directory migration project changing about 2000 user from a named based logon to a employee number based logon. Here are all the changes

  • Change user name to employee number
  • Create new ad structure based on department structure
  • Automate logon creation based on output from HR system
  • Automate ad structure based on output from HR system
  • Automate logon terminations based on output from HR system
  • complete logon information with accurate phone, department, office, address, name, and
  • Migrate users to new 2008 R2 based home folder system using DFS, VSS, and DFS replication
  • Clean home folders of all exe’s and PST files
  • Move all non-employee logons out of the employee OU
  • Automate the creation and disabling of non-employee accounts
  • Disable and eventually delete all non-active logons
  • Automate cleanup of home drives, and email accounts when an account is deleted.

The environment is a 2003 domain and our two tools will be Hyena, windows active directory tools, and Powershell.

Oh all this has to happen with little to no downtime, and without confusing our end users.