In Active Directory, Blog, Windows

Active Directory Migration Tool

As the IT landscape continues to evolve with cloud innovations and more, IT organizations are reevaluating their identity management stack. Specifically, some are looking for a Microsoft® Active Directory® migration tool. If you are one such organization, there’s a solution for you. Before we dive in, however, let’s look at why IT needs an Active Directory migration tool.

Why Migrate?

The cloud changed everything. End users are opting for SaaS-delivered apps over traditionally purchased ones, and Mac® and Linux® systems are grabbing up market share left and right. The solely on-prem, Windows®-based IT environment is trending toward obsolescence as more networks become heterogenous. 

Unfortunately, many IT admins are still relying on Active Directory (AD) as their central hub of identity and access management (IAM). AD was created for an on-prem, Windows-based world, one that is long behind us. With new cloud/non-Windows innovations, AD struggles to keep up with IAM needs. 

Active Directory Migration Tools

Thus, IT organizations are seeking out ways to bolster their AD instances, and some are even turning to Active Directory migration. The search can be broken into two main camps.

Azure® Active Directory®

The first of these groups opt to follow Microsoft’s “happy path,” combining AD and cloud-based resources by using the Azure cloud and Azure Active Directory (AAD). Although it could technically be considered a migration to the cloud, it’s more of a step into the cloud that maintains one foot on-prem. Using AAD, IT admins can still leverage their on-prem AD as the source of truth for their Azure-based identities, which AAD can then propagate outward to Office 365™ and a selection of web applications outside of Azure. 

Some view AAD as essentially a cloud-based AD instance, but at the moment that is simply untrue. AAD is more of a cloud extension; it still requires AD on-prem to properly function. IT admins looking for a fully cloud-based directory service might need to look away from Microsoft.

Cloud Directory Service

By using a cloud directory service, IT organizations can reap many of the benefits of using AD + AAD (and many more) without the need for any hardware on-prem. A cloud directory service can be vendor neutral and therefore make it considerably easier for IT admins to incorporate more of their cloud-based, non-Windows stack under a single IAM solution.

JumpCloud® Directory-as-a-Service® is the first of such cloud directory services — reimagining AD for the modern era. IT organizations can use JumpCloud to manage their users and their access to virtually all IT resources, regardless of vendor or location.

JumpCloud’s Active Directory Migration Tool: ADMU

JumpCloud created a tool specifically for IT admins interested in migrating from AD: the JumpCloud Active Directory Migration Utility (ADMU). The ADMU leverages native Windows Assessment and Deployment Kit (ADK) tooling to shift AD domain-bound users and systems into local accounts, subsequently removing them from AD altogether. These users and systems can then be transferred easily into JumpCloud and completely managed from the cloud.

The ADMU is almost entirely automated and allows admins their choice of a graphical interface, command line, or PowerShell formats to carry out their migration. The process is as follows: 

  1. To begin, the ADMU queries for migration parameters, including data about the user/system being migrated (i.e. their username and password), as well as the JumpCloud system connect key.
  2. The domain profile is copied into a migration folder using the ADK and recreated as a local account.
  3. A local account is added to the system using the queried migration data, as well as information from the migration folder.
  4. The JumpCloud system connect key installs the JumpCloud agent onto the system, and adds it into JumpCloud.
  5. (Optional) The system is unbound from AD.
  6. (Optional) ADMU restarts the machine, and the JumpCloud system agent is fully installed.

Once completed, the ADMU completely migrates users and systems from Active Directory into Directory-as-a-Service. 

Try JumpCloud and the ADMU for Free

JumpCloud Directory-as-a-Service and its associated Active Directory migration tool, ADMU, are available for use absolutely free. By signing up for JumpCloud, you can see everything the platform has to offer for up to 10 users — at no cost to you. Then, once you’re comfortable with Directory-as-a-Service, you can then download the ADMU and begin migrating from your legacy AD instance.

If you would like to learn more about JumpCloud and the ADMU, please contact us for more information, or request to be subscribed to our monthly update newsletter.


Recent Posts