You are viewing limited content. For full access, please sign in.

Question

Question

Migrating user to a new domain

Laserfiche License Manager Directory Server Version 9 Version 10
Updated February 24, 2023
asked on March 16, 2017 Show version history

We have a customer that currently has about 300+ user that are setup as Directory Named Users in the Laserfiche License Manager. They recently merged with another company. After the merge they have decide to move the users to the domain of the other company. The use case would be that the users are setup as DOMAINA\Username and will now be setup as DOMAINB\Username. What is the best way to migrate these users when they are setup as Directory Named Users. Is there a migration utility available to help automate this process.

It is understood that you can have a Laserfiche trustee that has been associated with domain accounts, so we understand that as an option but prefer not to go this route to eliminate some of the overhead in setting up new accounts in Laserfiche.

Thanks in advance

I want to add that the second domain has a 2 way trust relationship.

 

 

3 0

Replies

replied on March 22, 2017

Does Laserfiche have any suggestion on the above use case?

 

Thanks in Advance

1 0
replied on April 25, 2017

Hi, was there ever any resolution to this post? 

We have a similar scenario where I need to move 400+ users registered on LFDS as Windows Domain accounts to multiple domains. Currently all of the users below to one Domain but the Org is changing its Active Directory Strategy and deploying Domains for the different Sister Companies.

Through testing we found one can re-create each user individually on LFDS but to do his for 400+ users does not make sense.

Is there possibly a way that IF I have the Current SID for each user, to find and replace it with the New Domain SID in the LFDS DB?

I have noticed that LFDS seems to store the SID in some HEX format, so would need to understand what conversion on the AD SID would need to be done to make sure it matches to what is stored in SQL. 

Any other suggestions is also welcome.

1 0
replied on March 6, 2019

We have a customer that is looking to do this as well. Manually re-creating new accounts is the least of our concerns. The actual concerns are in the task assignments, history, security etc.

For example, Domain1\User1 has 10 tasks assigned in Forms, they might also have initiated multiple tasks. Now we create Domain2\User1 and they have no tasks and no history. Even if we manually re-assign all their current tasks, what if someone denies something they initiated under Domain1\User1 in the future.

They only way I can see this being manageable is if we could do what's called an "In Place" migration of the users. Meaning, we essentially just swap out the Domain Account reference without creating a replacement account in Laserfiche. This way the user retains ALL of their history, tasks, and potential future tasks.

The only thing that would break would be the folder security set by groups in the old domain, that might be a lot of manual labor, but at least its achievable.

Has anyone ever accomplished this type of migration for a large account?

1 0
replied on April 30, 2021

Seeing as this was 4 years ago, and everyone seems to be having the same issue, is there any update on this?

1 0
replied on April 1, 2020

bump

0 0
replied on October 28, 2020

Does LF use sidHistory in any of its logic to account for this type of a scenario? I am going through this now with a client that has 800+ users and the behaviors we are seeing within LF seem to indicate that it DOES take into account the sidHistory, but the behavior isn't consistent with our expectations. 

I'm curious IF and HOW LF uses the sidHistory.

0 0
replied on February 23, 2023

Hi everyone, any updates about this?. How you ended up solving this scenario¿?  

0 0
View 1 previous reply
replied on February 23, 2023

There is an option when migrating from one domain to another to do SID linking from the old domain controller and this means their repository account remains as well as any AD access rights you had configured.

The strange thing is while everything looks good in the repository their forms access becomes inactive and after resolving all their history is lost. We have never been able to unravel this. These are named users so they are simply one single account with access to all Laserfiche features, but Forms has some type of syncing issue after the domain swap.

1 0
replied on February 23, 2023

We ended up getting Laserfiche professional services to do the migration elements and domain translations. Everything was mapped over with the exception of audit trail data. 

1 0
replied on February 23, 2023

This is a service that Laserfiche offers to VARs? Have not heard of it before.

0 0
replied on February 24, 2023

Hey Chad, yes absolutely, I mean you have to pay for it, it's not FOC, but yeah speak to your LF account manager, I'm sure they'll be able to help.

0 0
You are not allowed to follow up in this post.

Sign in to reply to this post.

Details
Related Posts
Loading ...