There are several legacy security domain resources not covered by server migration tool:

• /subsystem=datasources/data-source, security-domain
• /subsystem=datasources/data-source=ExampleDS, security-domain
• /subsystem=datasources/xa-data-source, security-domain
• /subsystem=iiop-openjdk, security-domain
• /subsystem=resource-adapters/resource-adapter=a/connection-definitions, recovery-security-domain, security-application, security-domain, security-domain-and-application
• /deployment=a/subsystem=resource-adapters, similar to /subsystem=resource-adapters/resource-adapter=a/connection-definitions

In case it's not possible to migrate such resources a warning should be logged.