Failed to move source object from child domain to parent domain using ADMT 3.2

This topic is resolved

This topic contains 8 replies, has 3 voices, and was last updated by Profile gravatar of Michael Pietroforte Michael Pietroforte 1 week, 1 day ago.

  • Author
    Posts
  • #117514
    Profile gravatar of Karim Buzdar Karim Buzdar 
    Participant
    Post count: 54
    Member Points: 878

    Hi Michael/everyone,

    I am migrating an AD user account in a forest from child domain to parent domain using ADMT 3.2. But I am getting the following error.

    ERR2: 7621 Failed to move source object. Verify that the caller’s account is not marked sensitive and therefore cannot be delegated. hr=0x8009030e No credentials are available in the security package.

    Earlier, I had successfully migrated user from another child domain to same parent domain. What could be the issue? I searched everywhere but couldn’t find any correct logical solution.

    Thank you,

    Karim

    0
  • #117516
    Profile gravatar of Jason Coltrin Jason Coltrin 
    Moderator
    Post count: 16
    Member Points: 253

    Is it just that one user and others migrated successfully? Is it worth trying to resolve or just re-create the account in the new domain? It sounds like a domain trust issue. Did you try this solution? http://www.b-blog.info/en/admt-err2-7621-while-migrating-accounts-within-the-forest.html

    0
  • #117519
    Profile gravatar of Karim Buzdar Karim Buzdar 
    Participant
    Post count: 54
    Member Points: 878

    Hi Jason,

    Thank you for your reply.

    The migration issue is with all users. Although computer accounts are migrating successfully so doesn’t look like a trust issue. I checked the solution you mentioned but that didn’t work.

    Any more thoughts?

    Karim

    0
  • #117532
    Profile gravatar of Michael Pietroforte Michael Pietroforte 
    Keymaster
    Post count: 740
    Member Points: 2,136

    Is Microsoft Exchange running in the child domain?

    0
    • #118699
      Profile gravatar of Karim Buzdar Karim Buzdar 
      Participant
      Post count: 54
      Member Points: 878

      Hi Michael,

      There is  no MS exchange running in child domain. Users are in normal OU in source/child domain. Don’t know why this is happening?

      Thank you,

      Karim

       

      • This reply was modified 1 week, 2 days ago by Profile gravatar of Karim Buzdar Karim Buzdar.
      0
      • #118702
        Profile gravatar of Michael Pietroforte Michael Pietroforte 
        Keymaster
        Post count: 740
        Member Points: 2,136

        Did you check if the user account is marked sensitive? Maybe an admin enabled this for security reasons.

        0
        • #118709
          Profile gravatar of Karim Buzdar Karim Buzdar 
          Participant
          Post count: 54
          Member Points: 878

          Hi Michael,

          That was the issue and it is resolved 🙂

          Thank you,

          Karim

          2+

          Users who have liked this topic:

          • avatar
  • #118717
    Profile gravatar of Jason Coltrin Jason Coltrin 
    Moderator
    Post count: 16
    Member Points: 253

    Interesting- good catch Michael! I’ve never seen that box checked in user account settings.

    1+

    Users who have liked this topic:

    • avatar
  • #118985
    Profile gravatar of Michael Pietroforte Michael Pietroforte 
    Keymaster
    Post count: 740
    Member Points: 2,136

    Karim, I am glad that you found the problem. Good that you have PowerShell to change the setting for all your users. 😉

    Jason, it rarely happens, but sometimes error messages contain a grain of truth. 😉

    1+

    Users who have liked this topic:

    • avatar

CONTACT US

Please ask IT administration questions in the forum. Any other messages are welcome.

Sending
© 4sysops 2006 - 2017
Do NOT follow this link or you will be banned from the site!

Log in with your credentials

or    

Forgot your details?

Create Account