How SharePoint Migrate Users from One Domain to Another
Posted On June 11, 2019
Organizations use Microsoft SharePoint for monitoring projects and improving collaboration among employees. SharePoint is a private network that stores all information and profiles of all employees in the departments. When companies decide to take down their intranet because it no longer serves them or for whatever reason, they want to make sure that all user profiles are retained. Therefore, they migrate user profiles from one SharePoint domain to another.
There are things that you need to consider before you migrate SharePoint users to new domain. There are different ways of migrating users in Microsoft SharePoint, and we’ll discuss more of that in this blog.
Take note that this blog will only talk about the Move-SPUser cmdlet that applies only to SharePoint Servers 2010, 2013, 2016, and 2019. A cmdlet is a command used in the Windows PowerShell environment. The Move-SPUser cmdlet allows for migration of user access from one domain user account to another.
Here’s an example of migrating a user profile from domain A to the new account of the said profile in domain B with security identified (SID) history enabled. Every time an object is transferred or migrated from one domain to another, a new SID is created and becomes the objectSID. The example below is for a user named Anne Smith.
$user = Get-SPUser -Identity “DomainA\AnneSmith” -Web https://webUrl
Move-SPUser -Identity $user -NewAlias “DomainB\AnneSmith”
You can also migrate a user from domain A to the new account in domain B. Below is a sample script of how you do this migration from DOMAIN\AnneSmith to Domain\AnneMiller. This example is helpful to user profiles who changed their last name.
$user = Get-SPUser -Identity “DOMAIN\AnneSmith” -Web https://webUrl
Move-SPUser -Identity $user -NewAlias “Domain\AnneMiller” -IgnoreSid
You can also transfer a user account from old domain to the new account in another domain using the Windows Claims. Just remember that -IgnoreSid should be used with Move-SPUser when using a Claims Identity like Windows Claims.
$user = Get-SPUser -Identity “i:0#.w|DOMAIN\AnneSmith” -Web https://webUrl
Move-SPUser -Identity $user -NewAlias “i:0#.w|Domain\AnneMiller” -IgnoreSid
Remember that you must have a valid site where the user account resides in the UIL if you want to use the Move-SPUser.
You can also use the SharePoint Team Server Administration (STSADM) for user migration if you’re using the SharePoint 2007. Please see below for the code.
stsadm -o migrateuser -oldlogin ‘i:0#.w|lab\jdoe’ -newlogin ‘i:0#.w|xenonatom\jdoe’ -ignoresidhistory
You can also migrate active directory groups in Microsoft SharePoint from old to new domain using PowerShell. Here’s a sample script.
#Old and New Groups
#Migrate AD Group
$Farm = Get-SPFarm
Tips Before Migrating Users
Determine the individual or group profiles to be carried to the new domain. There are instances when user or group profiles will not be used in the new domain because these accounts may no longer be working in the company or a certain department or division has been dissolved.
There are also users who temporarily use accounts because they are only working for a company as contractual. If a project-based employee leaves, his or her user profile must also be taken down. So, before migrating user profiles, the accounts must be checked and verified by the company.
You also need to assess how many user profiles must be carried to the new domain because migrating user accounts can take up space. This is why verifying the active accounts to be transferred to a new domain is crucial.
Another important thing to consider before SharePoint migrate users from one domain to another is you have to check if there are duplications to user profiles. Names of employees or users may have similar first names and last names. Updated user profile information like contact number, email addresses, job title, department, and the like must also be validated to avoid hassle in the future.
User profile permissions must also be considered and be recorded before you migrate SharePoint users to new domain. Permissions of user profiles in the old domain are not carried in the new domain. If you have a record of the user permissions, that would be beneficial.
There you have it. We hope we helped you with at least the first few steps on how to migrate SharePoint users to new domain. Have you tried migrating user profiles from one domain to another? How has it worked for you and what tools did you use?
Let us know in the comment section if you have other ways in migrating user profiles across different domains. We’d love to know your experience. Don’t forget to share this blog on your social media accounts.