The basic unit used in any Alter-Ego domain join and/or profile migration is the computer. A computer represents any PC, laptop, or server running Microsoft Windows 2000, Windows XP, or Windows 2003 operating systems.
Computers are added to the tree using the New Computer button on the Console or through an import from Active Directory or import from file. Each computer name in the tree must be unique. Computers must be given a network-resolvable name -- typically their actual Windows computer names -- as the name they are assigned is used for all network communication.
To organize computers, or to facilitate the deployment of similar settings (see below) to many computers, they can be collected into groups. Groups can be created within other groups to further classify computers. In the console, groups are displayed as folders. On startup, the console tree always contains a root group called All Computers which contains all other computers and groups.
Groups have no correlation with Windows or Active Directory security groups.
Groups are input into the console, either manually through the New Group button in the console user interface or by importing from Active Directory in a Windows domain environment.
The details of any domain join or profile migration job are stored in settings which are associated with a computer or group. The settings contain information information on the type of job to run, accounts used for authentication to complete the migration tasks, and other options.
Settings are automatically inherited through the hierarchical structure of groups. That is, by adding settings to a group, all child computers and groups it contains will receive the same settings unless they are given their own individual settings. A group with settings is called a settings root as it begins a new settings inheritance tree.
The All Computers group will always have settings associated with it. These are called the global settings and typically configured through the Easy Setup Wizard, though they can also be manually set through the console user interface.
In the case of a profile migration, a list of profiles must be created for the applicable computers. The profiles list indicates the source user account or SID and the destination user account for each profile to be migrated. Unlike other settings, a list of profiles cannot be assigned to a group -- profiles must be configured on a per computer basis. A list of profiles is not required for computers which are performing a domain join only. There is no correlation between profiles and settings.
Profiles can be input manually through the console user interface or imported as part of the Easy Setup Wizard.
Alter-Ego is used to perform two basic actions:
A domain join job can be used to move computers from a workgroup to a domain, from a domain to a workgroup, or from one domain to another. Alter-Ego dramatically improves the efficiency of such an action by eliminating the need for timely desktop visits to manually change the domain membership of each computer.
A profile migration can be used to move a user profile from one account to another within the same security context (domain or local), assign a local account profile to a domain account, or migrate a domain account profile to a local account.
These actions are often performed together as a domain join + profile migration job, where the computer domain membership changes while user profiles are automatically translated to match their counterpart accounts in the new security context.
For example, an administrator moves a network of computers from a workgroup to a domain configuration. He has created new domain user accounts for each of the local workgroup users. These local and domain accounts will be assigned different Security Identifiers (SIDs) in Windows. These SIDs are the key to Windows security, and as a result, Windows recognizes these accounts as distinct users, even if they have the same username. When the users attempt to login to their new domain accounts, new profiles will be created for these new users. NTFS and registry changes must be made to map the new accounts to the old profiles. Alter-Ego can efficiently perform all of these steps from the central console, allowing the administrator to monitor the results.