Migrate SharePoint Users from One Domain To Another using Move-SPUser

During an acquisition, Our company decided to merge with an acquired company’s AD by re-creating their user Ids in our AD. Also, the acquired company had a number of SharePoint sites, and we wanted to migrate them to our SharePoint environment.

That brought another challenge of re-mapping user Ids with permission between domains. How do we migrate SharePoint users from one domain to another domain?

How to migrate users from one domain to another in SharePoint? 

Well, In SharePoint 2007 days, I used STSADM to migrate users between domains:
Stsadm -o migrateuser -oldlogin domain\OldUserID -newlogin domain\NewUserID -ignoresidhistory 

Now with SharePoint 2013, It’s replaced with the PowerShell cmdlet: Move-SPUser.

$Web = Get-SPWeb $WebURL


$OldUser = $Web.EnsureUser($OldID)
Move-SPUser -Identity $OldUser -NewAlias $NewID -ignoresid -Confirm:$false

Rather than moving users one by one, we prepared a CSV file, mapping users from one domain to a new domain, and used the PowerShell script to migrate users in bulk.

Here is my CSV file structure:

sharepoint migrate users between domains

The CSV file just maps the old SAMAccountName with the new one.

PowerShell script to Migrate Users from one domain to another:

Add-PSSnapin Microsoft.SharePoint.PowerShell

#Import data from CSV file
$UserData = Import-CSV -path "C:\Accounts.csv"

#Iterate through each Row in the CSV
foreach ($Row in $UserData)
    write-host "Processing user:" $row.Email

    #Site collection URL
    $siteURL ="https://intranet.crescent.com"
    $site = Get-SPSite $siteURL

    foreach($web in $site.AllWebs)
        #Get All Users
        $UserColl = Get-SPUser -web $web.Url

        foreach ($User in $UserColl)
            #Get values from CSV File
            $OldUserID= $Row.OldUserID.Trim()
            $NewUserID =$Row.NewUserID.Trim()
            $Email = $Row.Email.Trim()

            #Search for Old User Accounts
                #Update the User E-mail
                Set-SPUser -Identity $User.UserLogin -Email $Email -Web $web.URL

                $NewUser = $User.UserLogin.replace($OldUserID, $NewUserID)

                #Migrate user from Old account to new account - migrate users to new domain
                Move-SPUser -Identity $User -NewAlias $NewUser -IgnoreSID -confirm:$false
                write-host "User Migrated: $($User.userlogin) at site $($web.Url)"

This PowerShell script migrates users to a new domain programmatically.

You can use Move-SPUser cmdlet in situations like:
  1. User Account deleted and Recreated in AD (with new Sid)
  2. User Account changed from One Domain to another domain
  3. User Account’s Login ID is changed (such as due to last name change).

Migrate AD Groups in SharePoint from Old Domain to New Domain:

Use this PowerShell script to migrate active directory security groups from one domain to another domain.

#Old and New Groups

#Migrate AD Group
$Farm = Get-SPFarm
$Farm.MigrateGroup($OldLogin, $NewLogin)

OK. Now, How to get all unique users and AD Groups to CSV file at site collection-web application or farm level? Well, use these PowerShell scripts:

Salaudeen Rajack

Salaudeen Rajack - Information Technology Expert with Two-decades of hands-on experience, specializing in SharePoint, PowerShell, Microsoft 365, and related products. He has held various positions including SharePoint Architect, Administrator, Developer and consultant, has helped many organizations to implement and optimize SharePoint solutions. Known for his deep technical expertise, He's passionate about sharing the knowledge and insights to help others, through the real-world articles!

13 thoughts on “Migrate SharePoint Users from One Domain To Another using Move-SPUser

  • Does this script copy site/list/library permissions also ?

  • Thanks for the script. Can we get an out-file for migration accounts failed?

  • Thanks for the script.
    Could you help in migrating the users for multiple sitecollections?

  • I have migrated user account from old domain to new domain. however he is not able to approve or review the workflow task assigned to his old domain account with his new domain migrated account.

    Error:The user who attempted to complete the task is not the user to whom the task is assigned.

  • I got the following error message:

    You cannot call a method on a null-valued expression.
    At line:23 char:13
    + $Email = $Row.Email.Trim()
    + ~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo : InvalidOperation: (:) [], RuntimeException
    + FullyQualifiedErrorId : InvokeMethodOnNull

  • Will this remove the old domain username? I’d like to keep both for Co existence

  • Does this process require trust between the old and new AD domains? I am about to undertake this exact process, and due to reasons beyond my control we are not allowed to establish trust between the domains.


Leave a Reply

Your email address will not be published. Required fields are marked *