Are there any examples of scripts that can be used with Domain Migration Administrator? (NETIQKB1941)

  • 7701941
  • 02-Feb-2007
  • 17-Apr-2008

Resolution

fix

Here is an example of a script that will allow you to add the SID History attribute to accounts that already exist in the Windows 2000 domain but were not migrated using NetIQ's Domain Migration Administrator.  The pre-process script is designed to write the attributes of the existing Windows 2000 objects [CN and Display Name] to a file.  After the migration, the post-process script writes those attributes (from the file) back to the Windows 2000 objects. 

These scripts were required to perform these tasks because any non-null value for an object in the Windows 2000 domain will be overwritten by the source domain object's attributes during the migration process.   The following scripts would be used at the same time.  For more on scripting, please see the on-line help in Domain Migration Administrator.

PLEASE NOTE: Scripting is NOT Supported by NetIQ for DMA. If you wish to seek NetIQ services for scripting solutions, please contact your Sales Representative about our 'Custom Solutions' group.

Pre-Process Script

Sub PreProcess
    Dim con
    Dim rs
    Dim Com
    Dim strName

' Reset the varset entries
settings.put "GotOldValues", "No"
settings.put "OldCN", ""
settings.put "OldDisplayName", "" 

' Setup an ADO query on the AD to get the values from the target object.
Set con = CreateObject("ADODB.Connection")
Set rs = CreateObject("ADODB.Recordset")
Set Com = CreateObject("ADODB.Command") 

'Open a Connection object.
con.Provider = "ADsDSOObject"
con.Open "Active Directory Provider" 

'Create a command object on this connection.
Set Com.ActiveConnection = con
'Set the query string.
strName = Settings.get("CopiedAccount.SourceSam")
Com.CommandText = "<LDAP://" & Settings.get("Options.TargetDomain") & ">;(samAccountName=" & strName & ");ADsPath,sAMAccountName,cn,displayName"

'Set the preferences for Search.
Com.Properties("Page Size") = 1000
Com.Properties("Timeout") = 30 'seconds
'Execute the query.
Set rs = Com.Execute
' save the display name and CN for later
If rs.RecordCount = 1 Then
settings.put "OldCN", rs.Fields(2).Value
settings.put "OldDisplayName", rs.Fields(3).Value
settings.put "GotOldValues", "Yes"
End If
End Sub

Post-Process Script

Sub Process
Dim parentOU
Dim pTemp
Dim done
' Check if we were successful in getting the values
done = Settings.get("GotOldValues")
if ( done = "No" ) then
'Did not get the values so exiting
Exit Sub
end if

' retrieve the values we saved earlier
oldCN = Settings.get("OldCN")
oldDispName = Settings.get("OldDisplayName")
' reset the display name to the old value

TargetObject.Put "DisplayName",oldDispName
targetObject.SetInfo
' reset the cn to the old value
Set parentOU = GetObject(TargetObject.Parent)
path = TargetObject.ADsPath
Set pTemp= parentOU.MoveHere(path, "CN=" & oldCN)

'Update the varset with the proper values
Settings.put "CopiedAccount.TargetName", pTemp.Name
Settings.put "CopiedAccount.TargetPath", pTemp.ADsPath
End Sub



Additional Information

Formerly known as NETIQKB1941