Manual Transfer - Not Supported
Instead of creating a .BKF file, you can select Leave the data in the staging folder. I will transfer it later myself. This is called a manual transfer of the staging folder.
Note: We strongly recommend that you do not attempt a manual transfer of the staging folder. Always create a .BKF file (or use a disk image) in order to transfer the data to the remote computer. Only a .BKF file (or disk image) can guarantee the preservation of all the critical data necessary to copy Active Directory correctly. |
Not supported: The manual transfer method is not supported.
Manual Transfer: Example
The following example shows the console commands on the source
computer that will
manually transfer the staging folder to the destination computer
(named DestComputer
). It requires that you first download
the PsExec console utility from Windows Sysinternals.
psexec \\127.0.0.1 -e -s -i cmd.exe
net use V: \\DestComputer\C$ /USER:MyDomain\Administrator MyPassword
xcopy C:\StagingFolder V:\StagingFolder /S /E /H /K /I /O ↵
/V /B /X /Y /R /C
net use V: /delete
exit
Preserving ACL Settings
Important: If you manually transfer the staging folder, you must be careful to preserve all access control list (ACL) security settings and file attributes.
This means if you use console utility XCOPY.EXE (for example), you must include the /O option (to copy ACL security settings) and the /K option (to copy file attributes), and the /H option (to copy hidden files).
Warning: Do not use
a graphical file utility such as Windows Explorer to copy
the staging folder.
This is because Windows Explorer does not preserve ACL security
settings. For the same reason, a transfer using a USB thumb drive will generally not work. This is because most USB thumb drives are formatted using the FAT32 filesystem. FAT32 does not preserve ACL security settings. Only an NTFS filesystem will preserve ACL security settings. |
U-Move will warn you if it detects a missing or damaged ACL in the staging folder.
Super Hidden Files
Some essential data files are “super hidden”. These
include the machine master encryption keys
at C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys
.
These files are protected against copying even with
full elevated administrative
permissions. You cannot copy these files even with an Administrator
user account.
AD cannot boot without these essential files. To copy these highly protected files you must first create a console window that runs under Local System account, using a utility such as PsExec (see the example above).
Avoid Manual Transfer: Use the .BKF file
Because of the difficulty of performing a manual transfer, and the hazard of damaging security settings or skipping critical super hidden files, we recommend that you do not attempt a manual transfer. Instead install and run U-Move on the source computer and let it create the .BKF snapshot for you. (U-Move is always safe to run on the source computer.) A .BKF file is the most reliable way to move Active Directory. It ensures that all ACL security settings, hidden files, file attributes, and other metadata are copied and preserved intact.
If you cannot create a .BKF file, use a disk image. Attempt a manual transfer only as a last resort.
For more information
U-Move for Active Directory |