Computer Account Domain Migration Oddities – No Access to ADMIN$ share

When attempting to run the Security Translation Wizard to ensure resources like Local Profiles, Printers, Mapped Drives, Desktop, etc… are migrated over when users start to logon with their migrated user accounts, I ran into an odd error within ADMT.

Unable to access ADMIN$ share on the machine ‘COMPUTERNAME.DOMAIN.COM’. Make sure the share exists and the account running ADMT is a member of local administrators group on the machine ‘COMPUTERNAME.DOMAIN.COM’. hr=0x80070005. Access is denied.

image

The migration server, with ADMT installed, that was joined to the Target Domain was unable to access some PCs by name using UNC path name i.e. \\ComputerName\admin$, but I  could access this location using IP Address and could resolve the name with NSLookup have it respond to PING by name, and remotely connect by name to a RDP to the remote computer. Another anomaly I noticed was that when I went to Computer Management and try to access this machine remotely, the Local Users and Groups section is inaccessible from this server.

Solution:

Turns out, the reason for this was that the Source computer object was still enabled.  Once I disabled or deleted the Source computer object, I was immediately able to access the ADMIN$ shares and remote computer managment of the migrated PCs.

Advertisements
This entry was posted in Active Directory, ADMT and tagged , , , , , . Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s