AzureFeeds

A Comprehensive Overview

The ADMS Portal is more than just a migration interface—it’s a customizable, intelligent platform designed to streamline and enhance the migration experience for both users and IT administrators.

ADMS, ADSS, and ADGMS are all cloud-based services that come within the ADxS services portfolio offered by Microsoft and designed to facilitate efficient and cost-effective migrations. For additional information around migration use cases, refer to this blog: Exploring the Use Cases of ADxS Services | Microsoft Community Hub 

ADMS or Active Directory Migration Service – is a service designed to facilitate the migration of users and workstations across domains and forests by offering diverse number of migration methods such as Self-Service Migration which is unique to the ADMS service and it comes with two types, Self-Service for corporate connect users, and Self-Service for remote or VPN users,  Admin automated Migrations, user only migration and Migration for workstations shared by more than one user.  

Prerequisites for a User Migration

Users must be in scope for the ADMS sync engine, meet all identity logic, and be in the migration database prior to coming to the ADMS Portal.  One of the first items we perform is pre-provision or join source identities to target identities also working with your team to determine attributes to flow as part of the sync engine.

ADMS Portal will submit each user to a set of preflight checks prior to allowing user migration.  Before any migration begins, the ADMS Portal runs a standardized set of preflight validations designed to catch common issues that could disrupt the process. These checks are essential safeguards that ensure a smooth and secure migration from the source to the target environment.

Refer to this blog for more details: Ensuring Smooth Migrations with ADMS Portal’s Preflight Checks | Microsoft Community Hub

User Migration journey

Assuming the user meets the preflight checks for migration, the user is submitted to the activation phase. This phase includes the user object being enabled if necessary as well as being submitted to the ADMS AR Pipeline. 

The default delivery includes the objectSID of the source user being copied to the target user SIDHistory at user migration run-time in the ADMS AR pipeline. We also submit the user for any additional application/service remediation agreed upon during workshops.

Refer to this blog for more details: Exploring the Use Cases of ADMS User Migration | Microsoft Community Hub 

Here’s a look at what the ADMS Portal can customize for a user migration:

•  Preflight checks: ADMS team enables a standardized set of preflight validations designed to catch common issues that could disrupt the process. These checks are not just technical formalities—they are essential safeguards that ensure each migration proceeds smoothly and securely from old source environment to new target environment.


• Portal Landing Page: The ADMS Portal landing page can be configured to let the user choose from one or more connection options. This includes but not limited to at a remote location over VPN.


• Multi-language support: The ADMS Portal can be configured to allow the user’s local language to be displayed in their browser providing a richer user experience for the various use cases brought to the migration portal.


•  Customer Support Contact: ADMS team will configure the ADMS Portal to display the customer support contact information to help the user experience a better escalation path if any issues do occur during their migration journey.


• Identity Enablement: ADMS team has the ability to enable target user identities during the staging queue process during user migration.


• Identity Sync Engine: Conventional tools synchronize Active Directory objects as-is to the target domain and refresh them as changes are made in the source. ADMS implements a rich and robust identity management system so that just the right identities, groups, group memberships and workstations are synchronized and provisioned and will continuously run until the migration has been completed to accommodate changes in the source.


• ADMS AR Pipeline: The ADMS delivery team can handle at run-time remediation in the ADMS AR pipeline. This is done per user at user migration run-time to allow coexistence, maintaining access for those pending migration, and updating access for those that have performed migration through the ADMS Portal.  Refer to this blog for more details: Exploring the Use Cases of ADMS Application Pipeline | Microsoft Community Hub 


• Feature Enablement: ADMS delivery includes the ability to enable SIDHistory feature at user migration run-time.  ADMS delivery can include the ability to enable our password sync feature one way from source to target.


• Post User Migration: ADMS team has the ability to disable the source user identities post user migration after an agreed upon grace period.


• Custom Preflight Check: ADMS team has the ability to add custom preflight checks for some migration use cases.

Device Migration journey

Conventional tools require mapping of users to workstations so that the migration sequence can be structured and run by the migration team.  ADMS offers a simple to use portal service so that self-service migrations can be offered with users now able to migrate when it’s convenient for them. 

Refer to this blog for more details: Exploring the Extensibility of Active Directory Migration Service (ADMS) Device Migration | Microsoft Community Hub 

Here’s a look at what the ADMS Portal can customize for a device migration:

• Preflight checks: ADMS WMT service is a requirement for a device to be eligible for migration.  This is enabled by default. 


• Identity Sync Engine: Conventional tools synchronize Active Directory objects as-is to the target domain and refresh them as changes are made in the source. ADMS implements a rich and robust identity management system so that just the right identities, groups, group memberships and workstations are synchronized and provisioned and will continuously run until the migration has been completed to accommodate changes in the source.


• WMT Service: ADMS WMT service is used for conducting workstation migration operations.  ADMS WMT service performs at device migration runtime when invoked by ADMS Portal or our auto migration app to perform our default migration operations as well as any additional features we agreed upon during our design discussions for your ADMS delivery.


• WMT Service Custom External Scripts: ADMS WMT service has the option to run custom PowerShell external scripts.  ADMS WMT service allows the extensibility to run custom external scripts at various execution points during the device migration sub-steps, which has been a game changer for our ADMS customers. There will be more on this in a future blog post. 


• Approved to Migrate Computer Check: This is an optional check that can be enabled to look for a registry key on the device.


• Remote/VPN IP Range Check: ADMS Portal has the ability to use an IP range provided by the customer to determine if a client is attempting migration from a corporate network or remote connection.   


• AutoMigApp – Device Only: ADMS team has the ability to generate a package of auto migration app designed to perform a device only migration.     


• Custom Preflight Check: ADMS team has the ability to add custom preflight checks for some migration use cases.

ADMS Portal Benefits

The ADMS Portal offers a robust and flexible platform that enhances the migration experience for both users and administrators. Here are the key benefits:

• Streamlined User Experience: With customizable landing pages, multilingual support, and integrated customer support contact information, the portal ensures a smooth and intuitive experience for end users.


• Comprehensive Preflight Checks: Built-in and customizable preflight validations help identify and resolve potential issues before migration begins, reducing downtime and ensuring a higher success rate.


• Flexible Identity Management: The Identity Sync Engine and Identity Enablement features allow for precise control over which users, groups, and devices are migrated, ensuring alignment with organizational policies.


• Real-Time Remediation: The ADMS AR Pipeline supports runtime remediation, enabling coexistence and seamless access transitions during the migration process.      


• Advanced Device Migration Support: The WMT service and AutoMigApp provide powerful tools for device-only migrations, including support for custom scripts and remote/VPN IP range checks.


• Post-Migration Controls: The service supports post-migration actions such as disabling source identities after a grace period, helping maintain security and compliance.


• Extensibility and Customization: From custom preflight checks to external script execution, the portal is designed to adapt to unique migration scenarios and enterprise needs.

Conclusion

ADMS is a service designed to facilitate the migration of users and workstations across domains and forests by offering diverse number of migration methods.  ADxS services not only simplifies the migration process but also ensures that organizations can achieve their migration goals more efficiently and cost-effectively.

Learn more about IMS and explore its powerful migration capabilities today!

• Read our latest insights on the IMS blog 


• Learn more about IMS and start hassle-free migrations and its capabilities today! On our YouTube Channel 


• Want to speak with an expert? Reach out to us at imssales@microsoft.com to connect with a sales representative. Let’s power the future of digital collaboration — together.