SharePoint 2010 - Migrate Users with Move-SPUser from one Active Directory to another

I recently ran into a scenario where a customer was migrating their Active Directory users to a new domain to reflect a naming change for their company. I was tasked with researching and documenting the steps required to migrate their SharePoint 2010 users.

After reading a few different blogs and some Technet articles I found that it was a pretty simple task using basically one powershell cmdlet - Move-SPUser.

List current user in a SP Site:

If you want to list the current users who have access to a SharePoint site you can use the following cmdlet:

Get-SPUser -Web [URL of SiteName to scope]

This will give you a list of current users/Groups with permissions on the site. You can also find this list in the Content_Database in SQL under the dbo.AllUsers table.

The first thing I always do before making any changes is a backup of the Sharepoint Site Collection - seehttp://technet.microsoft.com/en-us/library/ee748617.aspx#section2.

Once the backup is complete you can start migrating your users: Depending on the authentication method your site users E.g. Claims or Classic NTLM you will need to adjust the username.

To migrate the users to the new domain:


(Note for Claims based you woud enter username format as :i:0#.w|domain\user)

$user = Get-SPUser -web http://my.website.url -Identity DomainA\UserA
Move-SPUser -IgnoreSID -Identity $user -NewAlias 'DomainB\UserA'

Currently this does user by user but you can write this up with a CSV as well and import the list. I am working on that script now for my company and will post when it is complete.