• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 694
  • Last Modified:

How to Migrate old SBS User Profile to New Domain?

I have a couple computers on the network that were in a SBS domain. Then I had to wipe out my SBS server and re-install.

Now when I run the 'ConnectComputer' wizzard on a client computer that used to be in the old SBS Domain, it doesn't show the old SBS profiles )that are still physically on the client computer) , it only shows profiles that were created on the local machine such as 'Administrator' and 'User1' etc. I even tried to go to My Computer Properties > Advanced Tab > Profiles...but it doesn't show the old SBS profile in the list, though the profile and the profile folder IS on the pc in Documents and Settings > usersprofilename?!?

How can I migrate an old SBS user profile so the user can use the same profile in the new SBS domain?
0
Matrix1000
Asked:
Matrix1000
  • 6
  • 3
2 Solutions
 
Jeffrey Kane - TechSoEasyPrincipal ConsultantCommented:
You can "cheat" the system to accomplish this... see this article for the how-to:
http://www.certmag.com/articles/templates/cmag_howto.asp?articleid=819&zoneid=91

Jeff
TechSoEasy
0
 
Jeffrey Kane - TechSoEasyPrincipal ConsultantCommented:
Y'know... I hadn't reviewed that article in awhile and just did so... realizing that it tells you to copy the existing profile from the place where you say you can't see it... this should actually just work by copying the profile out of the documents and settings folder to somewhere else... don't worry about the NTUSER.DAT and associated log file though... they aren't necessary.

Jeff
TechSoEasy
0
 
ChadHooperCommented:
I had a quick glimpse at the document a while back, and felt that there is an easier way:

Rename the users profile to username.old
Run connectcomputer, and set it up for the user with a new empty profile
Log in as the user
Log off and log in as a user with local admin rights
Make a note of the permissions and delete the users newly created profile
Rename the username.old profile to match the one you just deleted
Modify the permissions on that profile
Log in as the new user again to check it works
0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 
Jeffrey Kane - TechSoEasyPrincipal ConsultantCommented:
ChadHooper...

Since you've now posted that set of steps on a couple of questions in the SBS Topic Area, I thought it would be important to point out that this would break all of the important features of Small Business Server, such as the automatic configuration of Outlook.

In essence you are deleting some of the items created by connectcomputer.

Jeff
TEchSoEasy
0
 
ChadHooperCommented:
Thanks for your feedback Jeff.

As far as I'm aware, practically all user settings within SBS2003 are set via group policy. My experience with this at several sites has been flawless. No single feature of SBS2003 appears to be compromised by doing this. The only issue I have with it is that the Outlook profile needs to be deleted, which needs to be reconfigured the next time Outlook is run. Everything else works fine - users home page is still set to http://companyweb, security settings remain intact, and all remote features continue to work fine.

Can you be more specific as to what problems there  - I don't want to give out bad advice, but this method in my experience does seem to be flawless. Likewise, I have used this method at over a dozen sites, and if something is broken I want to fix it. Again though, none of these sites have experienced any problems with this method.
0
 
Jeffrey Kane - TechSoEasyPrincipal ConsultantCommented:
Chad,

It's difficult to say what will and what won't work if you do it the way you are describing... because that, of course, depends on how things were configured prior to running the connectcomputer wizard.  I'm sure that you've seen cases before where a computer was joined to a domain and a new profile is created called "username.DOMAIN" instead of just "username"... this is pretty common and not generally an issue.  Except --- THEN, an errant program decides that it wants to keep using the ntuser.dat file from the old profile... or it thinks it needs to create an entirely NEW profile path for it's application data folder.

Many of those things are standard problems when you copy a profile over rather than allowing Windows to build it.  These are caused by variations in the registry keys for items which reference the SID of the user.  EACH of these keys would need to have the permissions changed as well if you are to be completely successful with copying the old profile.

So, how does this relate to SBS's features?  First, look at all that connectcomputer does:
http://msmvps.com/blogs/bradley/archive/2005/01/23/33632.aspx

Most of it is computer related, not user related... howver there are a few items that matter... the most important is that SBS has a unique utility it runs called moveuser.exe which does the profile migration.  I haven't fully traced what all this utility does... but as far as I've seen it does go into the registry to make sure that permissions are correct in addition to the other items that are listed in the article I linked above.

Since most of the user and computer settings are kept in C:\Program Files\Microsoft Windows Small Business Server\Clients on each workstation, your solution COULD work much of the time... but I would be very hesitant to say that it would work ALL the time.  Basically, the procedure outlined in the certmag article is only a few more steps than yours... the main difference is that instead of renaming the profile you are referencing it in the user settings and allowing Windows to generate a completely new one based on the old.  I'm just more comfortable with this and believe that taking 3 or 4 more steps the first time is much better than troubleshooting a "strange" behavior later on.

Jeff
TechSoEasy
0
 
ChadHooperCommented:
Cheers for the indepth info Jeff. You are definitely right, and I withdraw my comment above. I will definitely go with the other route for the future. Everything does work fine at the sites that I have done this for, but all of those sites have Domain Users in the Local Administrators group on each computer. On the odd occasion when somebody logs on to a machine that they don't have Local Admin rights on, all sorts of strange things start happening - probably down to what you said about permissions on registry keys.

Cheers once again.
0
 
Jeffrey Kane - TechSoEasyPrincipal ConsultantCommented:
No problem.. thanks for asking for the more detailed info... it's not always easy to post that level of info on an initial reply, but I do understand the need to get a better grip on this stuf!  :-)

Good Luck!

Jeff
TechSoEasy
0
 
joselecaCommented:
Hi,

I have tried ChadHooper solution but came across with one problem. The procedure only works if I disable User Account Control. With User Account Control on, the new user with the old profile does not login. It starts the login process but just immediately makes logoff. I will appreciate any help.

Thank you.
0
 
Jeffrey Kane - TechSoEasyPrincipal ConsultantCommented:
This question was originally asked before Vista was released, therefore UAC wasn't a factor.  Thanks for adding the extra info though.

Jeff
TechSoEasy
0

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

  • 6
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now