Contrary to popular belief, it’s possible to migrate Active Directory User Accounts and their passwords . This Document will provide you a detailed step by step guide for migrating Active Directory users and Passwords. This document has created based on below assumptions.
You have a working Active Directory in RUH1 (Considered to be the source AD).
You have another Active Directory with same specs in RUH2 (Considered to be destination AD).
Both AD can communicate together over Network.
Before you Begin
You have to setup conditional forwarders between Domains. You can refer to Microsoft Technet for understanding Conditional forwarding.
Once the conditional forwarders are in Place, you must setup a Two-Way Active Directory Trust in order to authenticate between the two domains. You can read about how to setup this in Microsoft Technet.
Download below Applications
Install Both application in your Source AD
Start the Migration
Create an Encryption File to be used during the password . Run the Below in CMD / Powershell
admt key /option:create /sourcedomain:DOMAIN.local /keyfile:C:\ADMTKey /keypassword:Migration@123!
This will create the encryption key at the location you choose. Please be sure to also update Domain.local and Migration@123! with appropriate information.