Microsoft partners with Global Anti-Scam Alliance to fight cybercrime
May 6, 2025Catch Up on the Azure Communication Services Fundamentals Series
May 6, 2025
A Comprehensive Overview:
An Insight into Active Directory Migration Services User Migration.
Introduction
ADMS, ADSS, and ADGMS are all cloud-based services that come within the ADxS services portfolio offered by Microsoft and designed to facilitate efficient and cost-effective migrations. For additional information around migration use cases, refer to this blog: https://techcommunity.microsoft.com/blog/microsoft-security-blog/exploring-the-use-cases-of-adxs-services/4373299?previewMessage=true .
ADMS or Active Directory Migration Service – is a service designed to facilitate the migration of users and workstations across domains and forests by offering diverse number of migration methods such as Self-Service Migration which is unique to the ADMS service and it comes with two types, Self-Service for corporate connect users, and Self-Service for Remote of VPN users, Admin automated Migrations, user only migration and Migration for workstations shared by more than one user.
Prerequisites for a User Migration
Users must be in scope for the ADMS sync engine, meet all identity logic, and be in the migration database prior to coming to the ADMS Portal. One of the first items we perform is pre-provision or join source identities to target identities also working with your team to determine attributes to flow as part of the sync engine.
ADMS Portal will submit each user to a set of preflight checks prior to allowing user migration. This will include but not limited to ensuring connectivity to the target domain, use of a supported web browser, being in the approved to migrate security group, and so on to make sure the user is flight ready.
User Migration journey
This blog will focus on the user migration, for more about device migration please review the following blogs: https://techcommunity.microsoft.com/blog/microsoft-security-blog/exploring-the-extensibility-of-active-directory-migration-service-adms-device-mi/4397075; https://techcommunity.microsoft.com/blog/microsoft-security-blog/seamless-transitions-unlocking-workstation-migration-with-identity-migration-ser/4404842 .
Assuming the user and device meet the preflight checks, and approved for migration, the user is submitted to the activation phase. This phase includes the user object being enabled if necessary as well as being submitted to the ADMS AR Pipeline. You can read more about the ADMS AR Pipeline in this blog: https://techcommunity.microsoft.com/blog/microsoft-security-blog/exploring-the-use-cases-of-adms-application-pipeline/4404097
The default delivery includes the objectSID of the source user being copied to the target user SIDHistory at user migration run-time in the ADMS AR pipeline. We also submit the user for any additional application/service remediatation agreed upon during workshops.
Another configuration item that can be performed is post user migration, after a grace period, the source user identity can be disabled as part of our post processing procedure.
Key features of ADMS
- Diverse Migration Methods: ADMS offers several migration methods, including Self-Service Migration for corporate connect users and remote or VPN users, Admin automated migrations, user-only migration, and migration for workstations shared by multiple users.
- User-Centric Approach: ADMS focuses on minimizing disruptions and ensuring a smooth migration process. Its user-centric approach, agility in deployment, and focus on minimizing disruptions make it a superior choice compared to conventional migration tools.
- Identity Sync Engine: Conventional tools synchronize Active Directory objects as-is to the target domain and refresh them as changes are made in the source. ADMS implements a rich and robust identity management system so that just the right identities, groups, group memberships and workstations are synchronized and provisioned and will continuously run until the migration has been completed to accommodate changes in the source.
ADMS Migration Benefits
The ADMS user migration is accomplished by several backend processes in addition to the ADMS Portal, which provides a self-service user interface, performs pre-validation checks, and ensures that the user is approved to migrate. The ADMS solution is scalable to support many concurrent user migrations submitted using the Self-service Portal and the bulk account submission tool.
The ADMS Portal landing page can be configured to let the user choose from one or more connection options. This includes but not limited to at a remote location over VPN.
The ADMS Portal can be configured to allow the user’s local language to be displayed in their browser providing a richer user experience for the various use cases brought to the migration portal.
Conclusion
ADMS is a service designed to facilitate the migration of users and workstations across domains and forests by offering diverse number of migration methods. ADxS services not only simplifies the migration process but also ensures that organizations can achieve their migration goals more efficiently and cost-effectively.
Learn more about IMS and explore its powerful migration capabilities today!
- Read our latest insights on the IMS blog
- Learn more about IMS and start hassle-free migrations and its capabilities today! On our YouTube Channel
- Want to speak with an expert? Reach out to us at imssales@microsoft.com to connect with a sales representative. Let’s power the future of digital collaboration — together.