![]() |
Move users to new AD keepin local profile |
Post Reply ![]() |
Page 12> |
Author | |
OSIPR ![]() Newbie ![]() Joined: 16 Aug 2018 Location: PR Online Status: Offline Posts: 4 |
![]() ![]() ![]() Posted: 16 Aug 2018 at 6:06pm |
Hello,
I tried Forensit User Profile Wizard and it seems to be working. I still have doubts with some details: 1) I have an old domain with the AD name corp.local and the netbios name CORP. 2) I have a new domain with the AD name ad.corp.com and the netbios name CORP (the same netbios name as the old one) 3) With the Active directory domain and trust other FQDN was created on the new AD, corp.com 4) The reason for that domain to be added was because I'm using Azure AD Connect to synchronize the new on premise AD with Azure/Office365 AD (the old AD is not synchronized with Azure/Office365) and in Office365 the user accounts are jdoe@corp.com and not jdoe@ad.corp.com 4) I'm going to move the users from AD copr.local to AD ad.corp.com but I want to keep the user's local profile located in C:\USERS 5) I used Forenseit with a test account and it works. Questions: 1) At the AD after adding the users I went to properties, account tab and change the domain of the user logon name from @ad.corp.com to @corp.com. Since I want the users to end like jdoe@corp.com, What domain do I have to specify in the tool, ad.corp.com or corp.com? 2) The computer already have the local user's profile for the old AD. Do I have to remove the computer from the old AD and add it to the new AD before using Forensit? 3) Before using Forensit I noticed that after removing the computer from the old AD and adding the computer to the new AD after I log to the new AD two profile directories for the user were available. C:\Users\jdoe for the old AD and C:\Users\jdoe.CORP for the new AD. What directory is modify by Forensit? Which directory can I delete after using Forensit? 4) Do I have to log with an account from the new AD before I can migrate the user? Can I use a local administrator account of the computer (not domain) to run the tool? Can I use the tool with the same user account to move his own profile? even if the user is not an administrator of the local computer? Thanks! |
|
![]() |
|
OSIPR ![]() Newbie ![]() Joined: 16 Aug 2018 Location: PR Online Status: Offline Posts: 4 |
![]() ![]() ![]() |
Well I receive no responce to my questions so this is what I did: 1) Create user account on new AD 2) Create local admin account on computer 3) Remove computer from old domain 4) Log with local admin account and add computer to new domain 5) Log with local admin again and ran Forensit Profile Wizard 6) Reboot the computer and log as the new user Everything seems to be working fine except that now Office365 Onedrive for business is not working. When a file is accesed directly there are permisisons errors and when the file is accessed with any Office application it keep asking for credentials.
|
|
![]() |
|
jellybelly ![]() Newbie ![]() Joined: 24 Sep 2018 Online Status: Offline Posts: 6 |
![]() ![]() ![]() |
I am stuck at this same spot. When the file is accessed with any Office application it keeps asking for credentials (2 times and then fails). Error message "Something went wrong. We weren't able to register your device and add your account to Windows. Your access to org resources may be limited."
I spent the last week trying different things to get the migration to work. I also tried changing the user's UserPrincipalName in AD from user@ad.example.com to user@example.com thinking this was the trick to making it work. I am not yet using AAD Connect but for what it's worth, I also read in AAD Connect documentation that AAD Connect uses the UPN to find matches in Azure and that the ImmutableID in Azure was a product of the UPN. So, I tried nullifying the value in ImmutableID in Azure via powershell, but this did not help either. I have contacted the support group and am hoping they will respond with a solution. |
|
![]() |
|
OSIPR ![]() Newbie ![]() Joined: 16 Aug 2018 Location: PR Online Status: Offline Posts: 4 |
![]() ![]() ![]() |
jellybelly you have to download this file: Forensit is currently investigating the problem with Office365 authentication but if you use that file it will fix the problem.
|
|
![]() |
|
jellybelly ![]() Newbie ![]() Joined: 24 Sep 2018 Online Status: Offline Posts: 6 |
![]() ![]() ![]() |
Any chance you can share what this executable does to fix the issue? If it makes a change in the Registry, I really need to know what that change was.
Thank you very much as it seems to fix the problem. |
|
![]() |
|
Support ![]() Moderator Group ![]() Joined: 09 Nov 2006 Location: United Kingdom Online Status: Offline Posts: 1336 |
![]() ![]() ![]() |
Please keep in mind that this test utility fixes the majority of problems - but not all.
We still need more information, please tell us what build of Windows 10 you are using, and whether the machine is joined to Azure AD, etc. |
|
![]() |
|
jellybelly ![]() Newbie ![]() Joined: 24 Sep 2018 Online Status: Offline Posts: 6 |
![]() ![]() ![]() |
Windows 10 Pro version 1803, build 17134.286.
The machine was NOT joined to Azure AD. It was in WORKGROUP prior to migration to our on-premise AD server. Thanks. |
|
![]() |
|
jellybelly ![]() Newbie ![]() Joined: 24 Sep 2018 Online Status: Offline Posts: 6 |
![]() ![]() ![]() |
Well, unfortunately, I tried the fix with the very next user that was having the same exact problem and the problem persists. Is there anything else we can try so that the user is not prompted to login twice and then get the "Something went wrong..." error message? I have uninstalled/reinstalled Office, removed all office credentials from Credential Manager, removed the user's device from Azure with no luck in solving.
thanks Edited by jellybelly - 26 Sep 2018 at 2:54pm |
|
![]() |
|
pimpfish ![]() Newbie ![]() Joined: 25 Oct 2018 Online Status: Offline Posts: 1 |
![]() ![]() ![]() |
I'm bumping this post as I am having the same issue as Jellybelly. I had a domain account and a local profile using O365 and the account was added as a "work school" account under the local profile. Windows 10 obviously. I migrated the profile to the domain account, and got the hang that others have described at the first reboot (Preparing to set up apps). I killed that, and rebooted again. The login under the domain account showed the profile as normal. I then experienced the annoying Outlook login loops. I did both the suggested fixes here (running the file provided by Forensit and making the registry change proposed by another user). That seems to have resolved. However, I am completely unable to add or store the credentials for the O365 account. I cannot "connect as work or school account" and get the "Something went wrong" error. I've forced all logouts from the O365 side, and tried adding the account when and when not connected to my work/domain VPN. Only think I haven't done is removed the machine from AD (we're using ADSync with a hosted domain server), as other posters said that didn't work. The issue seems to be buried in the profile and something needs to be nuked to be able to reconnect to "work school".
|
|
![]() |
|
jellybelly ![]() Newbie ![]() Joined: 24 Sep 2018 Online Status: Offline Posts: 6 |
![]() ![]() ![]() |
Hi Pimpfish,
I found a way to make this work. Here is my situation and the steps we take for a successful migration... We were 'cloud first' using AzureAD and are now standing up an on-premise AD server so that we can use GPOs. All of our users have been connected to O365 with their work account for some time but their workstations are all in WORKGROUP. The key to success is rebooting the user's workstation to get a 'fresh' session. Then navigate to Windows Settings > Account > Access work or school. Select account and disconnect. Now migrate the user - I am using migrate.exe generated from forensit tool rather than the gui. If you do it this way, you must run as Administrator. Let me know if you want more detail. I have documented all the steps... I never found a way to fix the workstation login loop. The utility supplied by Forensit was hit-or-miss. I wound up rebuilding the user's profile manually. We have successfully migrated about 40 users so far. |
|
![]() |
Post Reply ![]() |
Page 12> |
Forum Jump | Forum Permissions ![]() You cannot post new topics in this forum You cannot reply to topics in this forum You cannot delete your posts in this forum You cannot edit your posts in this forum You cannot create polls in this forum You cannot vote in polls in this forum |