-Juddy-

Robocopy correct syntax for copying user profiles

I am trying to 'Robocopy' user profiles from our 'old' Domain Controller, to the new one (old = SBS 2003, new = Server 2008 X64).  When I use Robocopy, it fails on the NTUSER.DAT file, saying access is denied.

What syntax would I need to complete this operation?  I am trying to copy all of the user files from d:\data\home to p:\Profiles

P: is a network drive, I need to copy *.* from the home directory to the P: drive.
Steve Smith

oBdA

You can NOT migrate user profiles into another domain like this. The user's registry contains security settings as well, and these will NOT be migrated to the new domain simply by copying over the user's registry file (ntuser.dat).
If you want the profiles to work without issues in the new domain, you'll need to resort to something like Microsoft's USMT or MoveUser.exe, or a third-party tool like ForensIT's User Profile Wizard.

Windows User State Migration Tool (USMT) Version 3.0.1
http://www.microsoft.com/downloads/details.aspx?familyid=799ab28c-691b-4b36-b7ad-6c604be4c595&displaylang=en

Windows Server 2003 Resource Kit Tools
http://www.microsoft.com/downloads/details.aspx?FamilyID=9D467A69-57FF-4AE7-96EE-B18C4790CFFD&displaylang=en

User Profile Wizard 3.0
http://www.forensit.com/domain-migration.html
I imagine permissions are not an issue because you are moving the files to a new domain.

If so, try this:
robocopy d:\data\home p:\Profiles /E /W:5 /R:1

/E - recurse through subdirectories
/W:5 - wait 5 seconds on retry
/R:1 - retry 1 time

This will copy all files including subdirectories.  When it hits a file that it cannot copy (NTUSER.DAT) it will pause for 5 seconds, try one more time (I do this to make sure the copy is not hampered by a temporary network problem) then move on to the next file.

Good luck.
-Juddy-

ASKER

I didn't make myself clear, apologies... the new server will become the new DC and the old one will be retired.  Do I need to complete this operation AFTER the new server becomes the primary?
Looks like you've got the command correct, but as oBdA points out, this isn't necessarily going to work for you in the end. I'm guessing that these are Roaming Profiles, if they're on a DC? (if they're local profiles that you use to log onto the SBS machine for Admin, you probably won't need to migrate these at all). The other assumption is that you are just moving the location of these Roaming Profiles within a domain (if you're trying to move them into another domain, take a look at oBdA's suggestions for tools as this way won't work).

Assuming that they *are* Roaming Profiles and that you're just moving the location of them, the NTUser.dat file gets locked when a user logs onto the network and the lock doesn't always get released. If you can do this out-of-hours, simply rebooting the server will close all of the open handles and the robocopy commands you already have will work, provided no users log on again in the meantime. If downtime is going to be an issue, you can force the handles to be closed with a third-party app like Unlocker (http://ccollomb.free.fr/unlocker/), but I wouldn't recommend doing it this way.

Lastly, you'll need to update the location that the user's accounts look for their Roaming Profile when they log on (either in the AD User object, or in a/the GPO that overrides this).

I'd recommend doing all this *before* you move DCs and retire SBS, as you can get this working in advance, which means one less thing to panic about when you remove SBS later :)

HTH,

Kev
ASKER CERTIFIED SOLUTION
zsaurabh
-Juddy-

ASKER

Thanks, I'll have a go at migrating these roaming profiles over this evening.
-Juddy-

ASKER

I had a look at forensit.com, but the pricing is a little O.T.T.  We only have about 10 users with roaming profiles, all the laptop users had it switched to local only.  With that in mind, I may just switch the 10 to local then when I have the new Domain Controller set up, change the path on AD to point to the new location then switch them back on again.  Any drawbacks to doing it this way you can see?
It would help tremendously if you would let us know whether you're doing a migration into another domain, or a domain upgrade (with the W2k8 machine being a DC in the SBS domain).
From your first post, it sounds like you're just installing another DC into your SBS domain (not migrating from one domain to another). If that's the case, then copying the profiles will work fine without any 3rd party tools. Provided that the user can access their Roaming Profile over the network at logon via a network share, neither the user's PC nor the DC will care where the share is located.

Tell me if I've misunderstood, but if this is the case it should be fairly straightforward :)

Cheers,

Kev
-Juddy-

ASKER

No Kev, I will be REPLACING the SBS server with a new Windows 2008 Domain Controller.  Our domain will then be 2008 based and I'm going to beat the SBS server to death with a shovel.
-Juddy-,
again: "replacing" doesn't mean anything. Are you UPGRADING your domain (is the W2k8 currently a DC in the SBS domain?) or are you MIGRATING into a NEW domain created from scratch on the W2k8 machine?
Oh, and btw., the Personal Edition of the ForensIT tool is free; it lacks the scripting capabilities, but they're not really required for 10 accounts.

kevdines,
please read my comment at http:#33499545 again: registry permissions will NOT be magically changed if the registry file is copied using any file copy tool; that's why the "Copy Profile" mini-wizard in the local profile settings and tools like MoveUser.exe exist.
Start regedit, go to HKCU, right-click any key and open the permissions. You *will* find your account in there, and this account's SID *will* *remain* if ntuser.dat is copied into the profile folder of another domain's user account, where it will be an *unknown* account.
This will only work if all users are local administrators on their machines, but even then it's certainly not good practice.
The profile can/should be copied only if the location is moved to another server in the *same* domain, which is why I'm asking whether this is a migration or an upgrade.
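
The regedit check described in the comment above can be run against a copied hive without logging on as the user. This is an added example, not code from the thread: it loads a copied NTUSER.DAT under HKEY_USERS and counts explicit ACL entries whose SID does not resolve to an account. The hive path and the mount name `ProfileCheck` are placeholders; it assumes an elevated PowerShell 3.0+ session on a machine joined to the destination domain.

```powershell
# Added example: find ACL entries in a copied NTUSER.DAT whose SIDs no longer resolve.
# $HivePath and $MountName are placeholders, not values from the thread.
param(
    [string]$HivePath  = 'P:\Profiles\exampleuser\NTUSER.DAT',
    [string]$MountName = 'ProfileCheck'
)

function Test-SidResolves {
    param([System.Security.Principal.SecurityIdentifier]$Sid)
    # Translate() throws when no local or domain account maps to the SID.
    try   { [void]$Sid.Translate([System.Security.Principal.NTAccount]); $true }
    catch { $false }
}

# Mount the hive file offline; this fails if the file is locked or unreadable.
& reg.exe load "HKU\$MountName" $HivePath | Out-Null
if ($LASTEXITCODE -ne 0) { throw "Could not load $HivePath (file in use or access denied)" }

$keys = @()
try {
    $root    = "Registry::HKEY_USERS\$MountName"
    $sidType = [System.Security.Principal.SecurityIdentifier]
    $keys    = @(Get-Item -LiteralPath $root) +
               @(Get-ChildItem -LiteralPath $root -Recurse -ErrorAction SilentlyContinue)

    $resolves   = @{}   # SID string -> $true/$false, so each SID is looked up once
    $unresolved = @{}   # SID string -> number of explicit ACEs that reference it
    foreach ($key in $keys) {
        $acl = Get-Acl -LiteralPath $key.PSPath
        # Explicit (non-inherited) entries only, returned as raw SIDs.
        foreach ($rule in $acl.GetAccessRules($true, $false, $sidType)) {
            $sid = $rule.IdentityReference
            if (-not $resolves.ContainsKey($sid.Value)) {
                $resolves[$sid.Value] = Test-SidResolves $sid
            }
            if (-not $resolves[$sid.Value]) {
                $unresolved[$sid.Value] = 1 + $unresolved[$sid.Value]
            }
        }
    }
    $unresolved.GetEnumerator() | Sort-Object Value -Descending |
        Format-Table @{ n = 'Unresolved SID'; e = { $_.Key } }, @{ n = 'ACEs'; e = { $_.Value } }
}
finally {
    # Release every open key handle, otherwise the unload is refused.
    foreach ($k in $keys) { $k.Close() }
    [gc]::Collect(); [gc]::WaitForPendingFinalizers()
    & reg.exe unload "HKU\$MountName" | Out-Null
}
```

An empty table means every explicit entry in the hive maps to a known account; any SID listed is one the current machine and domain cannot resolve.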
What about the points for this question?
-Juddy-

ASKER

Our domain is my-company.com, the Win 2K8 server is currently a member server, I'm going to promote the 2K8 server to be the new DC and keep the my-company.com domain, but it will now be run from the new 2K8 server.  The SBS server will then be demoted and binned.
-Juddy-

ASKER

zsaurabh, what do you mean?
-Juddy-

ASKER

So when I try to copy the profile and I get errors like access is denied to NTUSER.DAT this is because the user is logged in, yes?
No, a roaming profile is copied to the client machine on user logon, and only copied back when the user logs off. In between, you usually can do anything you want with the server copy (but these changes will be undone when the user logs off and replicates his local copy back to the server).
Access denied can either happen because there is still a handle left open from the copy (shouldn't be) or because you really don't have access. Check the security settings of the files and folders in question.
-Juddy-

ASKER

For the sake of argument, just indulge me!! If I were to change the ten accounts to local profiles, change the path of the profile folders in AD then switch the profiles back to roaming...would this work?
I'd try that with a test account first ... I've seen too many strange things happening with roaming profiles to rely on anything.
Copying the profile folders during a server migration usually worked for me (permissions assumed).