Hi \nI’m currently working on migrating from old.domain to new.domain using Active Directory Migration Tool. Both domains have Windows Servers 2019. The goal is to move all users, groups, computers, and resources with minimal disruption, while preserving SID history to maintain access to existing resources during the transition. I’m running into an issue that I’d appreciate some help with.<\/p>\n
Advertisement
Issue -<\/strong> \nWhile user and group migrations (including SID history) are working smoothly. When I try to do security translation and computer migration, it fails with this error -<\/p>\n
Advertisement
ERR2:7666 Unable to access server service on the machine ‘OLD-TEST.domain.com<\/code>’. Make sure netlogon and workstation services are running and you can authenticate yourself to the machine. \nhr=0x800706ba. The RPC server is unavailable.<\/p>\n
Some Key points about this issue:<\/strong><\/p>\n
The computer does get created in the new domain. \nThe failure occurs during the post-copy phase, when ADMT tries to install its agent on the source machine to translate profiles and update local permissions.<\/p>\n
What I have verified and configured<\/strong> \nTwo-way forest trust fully established and verified between old and new domains. \nDNS resolution (forward and reverse) is working fine between all servers and clients. \nMigration admin accounts have Administrator permissions on both domains. \nNetlogon, Workstation, and Server services are running on test machines. \nWindows Firewall is disabled on test workstations<\/p>","upvoteCount":4,"answerCount":12,"datePublished":"2025-07-07T16:39:39.480Z","author":{"@type":"Person","name":"spiceuser-tfjm4","url":"https://community.spiceworks.com/u/spiceuser-tfjm4"},"suggestedAnswer":[{"@type":"Answer","text":"
Hi \nI’m currently working on migrating from old.domain to new.domain using Active Directory Migration Tool. Both domains have Windows Servers 2019. The goal is to move all users, groups, computers, and resources with minimal disruption, while preserving SID history to maintain access to existing resources during the transition. I’m running into an issue that I’d appreciate some help with.<\/p>\n
Issue -<\/strong> \nWhile user and group migrations (including SID history) are working smoothly. When I try to do security translation and computer migration, it fails with this error -<\/p>\n
ERR2:7666 Unable to access server service on the machine ‘OLD-TEST.domain.com<\/code>’. Make sure netlogon and workstation services are running and you can authenticate yourself to the machine. \nhr=0x800706ba. The RPC server is unavailable.<\/p>\n
Some Key points about this issue:<\/strong><\/p>\n
The computer does get created in the new domain. \nThe failure occurs during the post-copy phase, when ADMT tries to install its agent on the source machine to translate profiles and update local permissions.<\/p>\n
What I have verified and configured<\/strong> \nTwo-way forest trust fully established and verified between old and new domains. \nDNS resolution (forward and reverse) is working fine between all servers and clients. \nMigration admin accounts have Administrator permissions on both domains. \nNetlogon, Workstation, and Server services are running on test machines. \nWindows Firewall is disabled on test workstations<\/p>","upvoteCount":4,"datePublished":"2025-07-07T16:39:39.572Z","url":"https://community.spiceworks.com/t/looking-for-suggestions-on-admt-migration-issue/1221689/1","author":{"@type":"Person","name":"spiceuser-tfjm4","url":"https://community.spiceworks.com/u/spiceuser-tfjm4"}},{"@type":"Answer","text":"
Is it possible the profile running the ADMT process isn’t elevating on the computer? I’d start by verifying whatever domain admin you’re using has appropriate access at both ends.<\/p>","upvoteCount":1,"datePublished":"2025-07-07T19:05:37.344Z","url":"https://community.spiceworks.com/t/looking-for-suggestions-on-admt-migration-issue/1221689/2","author":{"@type":"Person","name":"Jay-Updegrove","url":"https://community.spiceworks.com/u/Jay-Updegrove"}},{"@type":"Answer","text":"
Yes, i have checked and the account running the ADMT has full access. The weird thing is its giving me a same error if i try to migrate a computer from new domain to old domain even though the new domain does not have too many restrictions as i am doing testing on it<\/p>","upvoteCount":1,"datePublished":"2025-07-08T13:29:24.095Z","url":"https://community.spiceworks.com/t/looking-for-suggestions-on-admt-migration-issue/1221689/3","author":{"@type":"Person","name":"spiceuser-tfjm4","url":"https://community.spiceworks.com/u/spiceuser-tfjm4"}},{"@type":"Answer","text":"
Can you see SYSVOL from a member computer on either domain? It’s starting to sound like DC’s aren’t talking.<\/p>","upvoteCount":1,"datePublished":"2025-07-08T13:34:07.095Z","url":"https://community.spiceworks.com/t/looking-for-suggestions-on-admt-migration-issue/1221689/4","author":{"@type":"Person","name":"Jay-Updegrove","url":"https://community.spiceworks.com/u/Jay-Updegrove"}},{"@type":"Answer","text":"
i just checked and yes computer from old domain can access sysvol from new and old domain and another computer from new domain can also access sysvol from new and old domain<\/p>","upvoteCount":1,"datePublished":"2025-07-08T13:48:22.555Z","url":"https://community.spiceworks.com/t/looking-for-suggestions-on-admt-migration-issue/1221689/5","author":{"@type":"Person","name":"spiceuser-tfjm4","url":"https://community.spiceworks.com/u/spiceuser-tfjm4"}},{"@type":"Answer","text":"
