I want to do some testing for an automation that allows admins to move user accounts from one ARS managed domain to another. I know there are gotchas on this. I have tried to consider as many as I can think of.
- Group memberships should be removed before the account is moved.
- Resetting the users password to a default value will be required.
- Making sure the mS-DS-ConsistencyGuid is maintained so that the account doesn't lose its mailbox.
- Deleting the accounts SSO profile is required before the move.
Can you think of any other gotchas to this process? Our current process is very cumbersome. I am hoping to make this much simpler.
I have been reviewing this link found in the KB but don't fully understand it as of yet. www.oneidentity.com/.../how-to-enable-cross-domain-moving-of-user-accounts
Thanks,
Rick