3. Upgrading SharePoint farm from one version to another (also moving from one domain to another new domain). How does this affect the user permissions?

Smruti Ranjan Nayak 81 Reputation points Microsoft Employee
2022-02-21T10:18:22.167+00:00

Hi,
I have a scenario where SP2013 farm is being upgraded to a SP2019 farm. Here we are also moving from one AD domain to another AD domain. i.e. 2019 and 2013 farms belong to two different domains. The question here is: Is there any way that the user permissions can be preserved and migrated to the new domain farm? Thanks.

SharePoint Server Management
SharePoint Server Management
SharePoint Server: A family of Microsoft on-premises document management and storage systems.Management: The act or process of organizing, handling, directing or controlling something.
2,941 questions
{count} votes

1 answer

Sort by: Most helpful
  1. Echo Du_MSFT 17,161 Reputation points
    2022-02-22T05:20:29.78+00:00

    Hi @Smruti Ranjan Nayak ,

    Welcome to Q&A Forum!

    Please follow the steps:

    1.Prepare a CSV file and fill in the following relevant information. The CSV file just maps the old SAMAccountName with the new one.

    For example:

    $OldID="i:0#.w|DomainA\userA"  
    $NewID="i:0#.w|DomainB\userA"  
    #OR  
    $OldID="DomainA\userB"  
    $NewID="DomainB\userB"  
    

    Here is my CSV file structure:

    176661-1.png

    2.PowerShell script to Migrate Users from one domain to another:

    Add-PSSnapin Microsoft.SharePoint.PowerShell  
    
    #Import data from CSV file  
    $UserData = Import-CSV -path "C:\temp\Accounts.csv"  
    
    #Iterate through each Row in the CSV  
    foreach ($Row in $UserData)  
     {  
        write-host "Processing user:" $row.Email  
    
        #Site collection URL  
        $siteURL ="http://sp19"  
        $site = Get-SPSite $siteURL  
    
        foreach($web in $site.AllWebs)  
         {  
            #Get All Users  
            $UserColl = Get-SPUser -web $web.Url  
    
            foreach ($User in $UserColl)  
            {  
                #Get values from CSV File  
                $OldUserID= $Row.OldUserID.Trim()  
                $NewUserID =$Row.NewUserID.Trim()  
                $Email = $Row.Email.Trim()  
    
                #Search for Old User Accounts  
                if($User.UserLogin.Contains($OldUserID))  
                 {  
                    #Update the User E-mail  
                    Set-SPUser -Identity $User.UserLogin -Email $Email -Web $web.URL  
    
                    $NewUser = $User.UserLogin.replace($OldUserID, $NewUserID)  
    
                    #Migrate user from Old account to new account - migrate users to new domain  
                    Move-SPUser -Identity $User -NewAlias $NewUser -IgnoreSID -confirm:$false  
                    write-host "User Migrated: $($User.userlogin) at site $($web.Url)"  
                 }         
            }  
        }  
    }  
    

    3.Migrate AD Groups in SharePoint from Old Domain to New Domain:
    Use this PowerShell script to migrate active directory security groups from one domain to another domain.

    #Old and New Groups  
    $OldLogin="OldDomain\Group"  
    $NewLogin="NewDomain\Group"  
    
    #Migrate AD Group  
    $Farm = Get-SPFarm  
    $Farm.MigrateGroup($OldLogin, $NewLogin)  
    

    Reference:

    Thanks,
    Echo Du

    =====================================

    If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.


Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.