Migrate SharePoint Users from One Domain To Another using Move-SPUser

During a acquisition, Our company decided to merge with an acquired company’s AD by re-creating their user Ids in our AD. Also, the acquired company had a bunch SharePoint sites and we wanted to migrate them to our SharePoint environment.

That brought another challenge of re-mapping user Ids with permission between domains. How do we migrate SharePoint users from one domain to another domain?

How to migrate users from one domain to another in SharePoint? 

Well, In SharePoint 2007 days, I used STSADM to migrate users between domains:
Stsadm -o migrateuser -oldlogin domain\OldUserID -newlogin domain\NewUserID -ignoresidhistory 

Now with SharePoint 2013, Its replaced with the PowerShell cmdlet: Move-SPUser.

$Web = Get-SPWeb $WebURL


$OldUser = $Web.EnsureUser($OldID)
Move-SPUser -Identity $OldUser -NewAlias $NewID -ignoresid -Confirm:$false

Rather than moving users one by one, we prepared a CSV file, mapping users from one domain to a new domain, and used PowerShell script to migrate users in bulk.

Here is my CSV file structure:

sharepoint migrate users between domains

The CSV file just maps the old SAMAccountName with the new one.

PowerShell script to Migrate Users from one domain to another:

Add-PSSnapin Microsoft.SharePoint.PowerShell

#Import data from CSV file
$UserData = Import-CSV -path "C:\Accounts.csv"

#Iterate through each Row in the CSV
foreach ($Row in $UserData)
    write-host "Processing user:" $row.Email

    #Site collection URL
    $siteURL ="https://intranet.crescent.com"
    $site = Get-SPSite $siteURL

    foreach($web in $site.AllWebs)
        #Get All Users
        $UserColl = Get-SPUser -web $web.Url

        foreach ($User in $UserColl)
            #Get values from CSV File
            $OldUserID= $Row.OldUserID.Trim()
            $NewUserID =$Row.NewUserID.Trim()
            $Email = $Row.Email.Trim()

            #Search for Old User Accounts
                #Update the User E-mail
                Set-SPUser -Identity $User.UserLogin -Email $Email -Web $web.URL

                $NewUser = $User.UserLogin.replace($OldUserID, $NewUserID)

                #Migrate user from Old account to new account - migrate users to new domain
                Move-SPUser -Identity $User -NewAlias $NewUser -IgnoreSID -confirm:$false
                write-host "User Migrated: $($User.userlogin) at site $($web.Url)"

This PowerShell script migrates users to new domain programmatically.

You can use Move-SPUser cmdlet in situations like:
  1. User Account deleted and Recreated in AD (with new Sid)
  2. User Account changed from One Domain to another domain
  3. User Account’s Login ID is changed (such as due to last name change).

Migrate AD Groups in SharePoint from Old Domain to New Domain:

Use this PowerShell script to migrate active directory security groups from one domain to another domain.

#Old and New Groups

#Migrate AD Group
$Farm = Get-SPFarm
$Farm.MigrateGroup($OldLogin, $NewLogin)

OK. Now, How to get all unique users and AD Groups to CSV file at site collection-web application or farm level ? Well, use these PowerShell scripts:

Salaudeen Rajack

Salaudeen Rajack is a SharePoint Architect with Two decades of SharePoint Experience. He loves sharing his knowledge and experiences with the SharePoint community, through his real-world articles!

13 thoughts on “Migrate SharePoint Users from One Domain To Another using Move-SPUser

  • May 24, 2019 at 5:54 AM

    Does this script copy site/list/library permissions also ?

  • November 24, 2018 at 1:31 PM

    Thanks for the script. Can we get an out-file for migration accounts failed?

  • November 9, 2017 at 5:23 AM

    Thanks for the script.
    Could you help in migrating the users for multiple sitecollections?

  • July 21, 2017 at 2:32 PM

    I have migrated user account from old domain to new domain. however he is not able to approve or review the workflow task assigned to his old domain account with his new domain migrated account.

    Error:The user who attempted to complete the task is not the user to whom the task is assigned.

  • May 26, 2017 at 4:27 PM

    I got the following error message:

    You cannot call a method on a null-valued expression.
    At line:23 char:13
    + $Email = $Row.Email.Trim()
    + ~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo : InvalidOperation: (:) [], RuntimeException
    + FullyQualifiedErrorId : InvokeMethodOnNull

  • April 7, 2017 at 4:02 AM

    Will this remove the old domain username? I’d like to keep both for Co existence

  • March 6, 2017 at 3:40 PM

    Does this process require trust between the old and new AD domains? I am about to undertake this exact process, and due to reasons beyond my control we are not allowed to establish trust between the domains.


Leave a Reply