C.0 Migrating Users Per Domain

The Multi-Domain Active Directory driver supports user migration from Active Directory domain to the Identity Vault. Migration is only possible at a domain level. You can migrate only one domain at a time. If you have multiple domains in a forest, you must migrate each domain separately. The driver does not support object migration at the forest level.

You can use the iManager to migrate the user objects.

To migrate user objects:

  1. Log in to iManager.

  2. Click to display the Identity Manager Administration page.

  3. Open the driver set that contains the driver whose properties you want to edit:

    1. In the Administration list, click Identity Manager Overview.

    2. If the driver set is not listed on the Driver Sets tab, use the Search In field to search for and display the driver set.

    3. Click the driver set to open the Driver Set Overview page.

  4. Click the MDAD driver instance.

  5. In the Identity Manager Driver Overview page, click Migrate into Identity Vault.

  6. Click Edit List and add the User class and the CN attribute, then select the users that you want to migrate.

    To migrate all users, specify * for the CN attribute. For example, CN=*.

  7. Select MDAD instance and provide the domain DN in LDAP format from where you want to migrate the user objects to Identity Vault.

    Example of domain DN in LDAP format: ou=LKG, dc=PreKG, and dc=local.

  8. Click OK.