The Multi-Domain Active Directory driver supports user migration from Active Directory domain to the Identity Vault. Migration is only possible at a domain level. You can migrate only one domain at a time. If you have multiple domains in a forest, you must migrate each domain separately. The driver does not support object migration at the forest level.
You must migrate users from specific domain using dxcmd command. You can use the NetIQ Identity Manager Command Line Utility to migrate the objects.
To migrate objects:
Create a XML query to migrate all objects in specific domain. A sample query is as below:
<nds dtdversion="4.0" ndsversion="8.x">
<source>
<product edition="Advanced" version="4.5.2.0">DirXML</product>
<contact>NetIQ Corporation</contact>
</source>
<input>
<query class-name="User" dest-dn="OU=unit,DC=example,DC=com"
scope="subtree">
<search-class class-name="User"/>
<search-attr attr-name="CN">
<value>*</value>
</search-attr>
</query>
</input>
</nds>Copy the migrate XML file to the computer where Identity Manager is installed.
Open a command prompt.
Run the dxcmd command.
Specify the administrative username and password.
Select Driver Operations.
Select the Multi-Domain Active Directory driver that is deployed in your environment.
Use the Migrate from application into DirXML option and specify the migrate xml file name.