none
Changing domain of the SharePoint.

    Question

  • Hello All,

    We are having a situation where the domain under which the SQL Server and sharepPoint is running "domain1\domainname" is going to be decommissioned  with the new domain "domain2\domainname2". I know the SQL server part how the user and service accounts needs to be changed from the old to the new one.  Need helps form the pro's in how to go about it in share point. steps what to do or a link that describes it. Needless to say that I am not a SharePoint Admin but it has been assigned to me to work on it.

    Thanks in advance.

    A

    Friday, April 21, 2017 3:54 PM

All replies

  • Use this below powershell script. I used this script for migrating profile from EU to NA lately. Make sure that, SID in the AD should remains same.

    In my case, AD team migrate users daily for 100 to 200 users (once their desktop migrated) and shared those details in Csv format. I executed script based on top of CSV.

    -------------------------------------------------------------------------------------------------------

    $csvfilePath = "D:\Installations\AD-PowerShellScripts\users.csv"
    $farm = Get-SPFarm

    Import-Csv $csvfilePath -delimiter "," | ForEach-Object{

                    Write-Host "Migrating User" $_.oldlogin "to" $_.newlogin -ForegroundColor Green       
                 #  $oldlogin = "i:0#.w|" + $_.oldlogin
                  #  $newlogin = "i:0#.w|" + $_.newlogin
                   $farm.MigrateUserAccount($_.oldlogin,$_.newlogin, $false)
                    }

    -------------------------------------------------------------------------------------------------------

    Make sure you save with name users.crv and add user one by one in the below format.

    ---------------------------------------------------------------------------------------

    ----------------------------------------------------------------------------

    Thanks

    Lalith

    ----------------------------------------

    Please mark as Answer, if this post solves your issue.


    Friday, April 21, 2017 4:17 PM
  • Use Move-SPUser instead of SPFarm.MigrateUserAccount.

    Trevor Seward

    Office Servers and Services MVP



    Author, Deploying SharePoint 2016

    This post is my own opinion and does not necessarily reflect the opinion or view of Microsoft, its employees, or other MVPs.

    Friday, April 21, 2017 4:48 PM
    Moderator
  • If the SharePoint servers reside in the domain to be decommissioned, you'll need to build a new farm in the new domain and migrate your content/service application databases to the new farm.

    Trevor Seward

    Office Servers and Services MVP



    Author, Deploying SharePoint 2016

    This post is my own opinion and does not necessarily reflect the opinion or view of Microsoft, its employees, or other MVPs.

    Friday, April 21, 2017 4:49 PM
    Moderator
  • Move-SPuser works on individual site collection. We were not sure about single user accessing how many application. farm.MigrateUserAccount resolved me to migrate users from user profile, Web application, site colletion and Sub-site level with out having any issue.

    Thanks

    Lalith


    Friday, April 21, 2017 4:52 PM
  • That's not correct. Move-SPUser is a farm-wide operation, including UPSA.

    Trevor Seward

    Office Servers and Services MVP



    Author, Deploying SharePoint 2016

    This post is my own opinion and does not necessarily reflect the opinion or view of Microsoft, its employees, or other MVPs.

    Friday, April 21, 2017 4:53 PM
    Moderator
  • We need to loop all web application, site collection and sub-sites, if we use Move-SPuser. PS become complexity and take more time, if we have more number of site collection and sub sites.

    Thanks

    Lalith

     
    Friday, April 21, 2017 4:55 PM
  • If you want to move-SPuser, here is the code. If you notice, you always pass site collection every time. If it is single site collection, then it is ok. But we have numerous site collection and sub site, then our PS become complexity.

    $users = get-SPUser -web “https://webapplication/sites/sitecollection“
    foreach ($oldUser in $users)
    {
    $oldUserSTR = $oldUser.userlogin
    $newUser = $oldUserSTR.replace(“oldDomain“, “newDomain“)
    move-SPUser -Identity $oldUser -NewAlias $newUser -IgnoreSID
    }

    Thanks

    Lalith

    Friday, April 21, 2017 5:01 PM
  • You never need to pass an SPWeb. Users are only stored at the SPSite level. You can use $sites - Get-SPSite -Limit ALL and simply do a foreach based on that. Quite simple.

    Trevor Seward

    Office Servers and Services MVP



    Author, Deploying SharePoint 2016

    This post is my own opinion and does not necessarily reflect the opinion or view of Microsoft, its employees, or other MVPs.

    Friday, April 21, 2017 5:02 PM
    Moderator
  • Here is the exact issue i faced in my environment when i user Move-SPuser. 

    https://blogs.msdn.microsoft.com/rcormier/2012/02/23/interesting-side-effects-of-the-move-spuser-powershell-cmdlet/

    Profile migration showing correctly. All permissions becomes read only and if any workflows is in progress is effected. Document check in and check out issues happend etc..    We raised ticket to Microsoft and above code given by them. 

    Thanks 

    Lalith

    Friday, April 21, 2017 5:18 PM
  • Building new farm is not required if he moves the whole box to new domain. But, it's not as simple as moving box because it needs changing service accounts under new domain and performing domain move. 

    My suggestion is don't do it if you're not SharePoint admin as you'll go through multiple steps to achieve your goal :) 

    Friday, April 21, 2017 7:54 PM
  • Thanks for the feedback.

    Can you point me to a doc or link.. I understand it is might not be that simple. it is correct that the whole box is going to get linked to the new domain once the old one is decommissioned. What I have read so far is below.

    1. Create the new account in AD

    2. Add a managed account via Central Admin>Security>Configure Managed Accounts

    3. Configure the Service Account via Central Admin>Security>Configure Service Accounts. At this step you will select the Service you need to update then select the managed account you just added.

    Please add the steps below what further needs to be done. 

    Many thanks in advance to all of this.

     
    Tuesday, April 25, 2017 1:45 PM
  • Hi Bobbyb11,

    There is a blog about moving SharePoint to a new domain, please check if it is useful for you:

    http://spsite.pro/Blog/Post/20/Moving-SharePoint-to-a-new-domain---small-instruction

    Thanks,

    Wendy


    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com

    Wednesday, April 26, 2017 9:15 AM
    Moderator
  • Hi Bobbyb11,

    Can you provide your update on this? If you issue resolved, mark as answer or mark as help full post.

    Thanks

    Lalith

    Friday, April 28, 2017 7:44 PM