Windows 2008 R2 - Move roaming profiles from old domain to new domain

Posted on 2011-04-20
Last Modified: 2013-12-23

Windows 2008 Standard server (DC, DNS, Roaming Profiles), burned. The drive information was recovered but the actual backup drive was not working either so system restoration is out of the question.

A new Windows 2008 R2 server was built and userIDs were recreated froom scratch. Same domain name but obviously the new userIDs have new SIDs.

Client workstations run mixed with XP, Vista and Windows 7, all pro versions or better. The user-side equipment has not changed.

The old recovered data has the user's roaming profiles intact, along with the logon scripts which have been adjusted for the new server.

Questions for sanity check:

1) What is the best way to get these profiles to the new server and make them accessible to the new user accounts?

2) I read that Robocopy is the best way to migrate the old roaming profiles to a new system with Windows 2003 so that it will take on the permission sets. Is this logic and process valid and will it also work with 2008?

Thanks in advance for the support.


Question by:jefferybush
    LVL 18

    Accepted Solution

    It is true that robocopy is able to copy the permissions and does a great job of it.  however, you don't really want to do that because it would just bring over the ACLS with SIDs from the old domain and those aren't of any use in the new domain.  You are probably looking at recreating the permissions on all folders and files you bring in sing the groups in the new domain.  there are other tools such as Quest Migrator, but I don't know that those will work because your old domain does not exist and so the tool cannot resolve the SID in the ACL of a folder/file to a name to match it with the same name (but different SID) in the new doamin.
    LVL 1

    Author Comment

    Thanks, Don. I was going to have the users log in and generate a new profile, then copy the old data into the new one. This would be a very good plan if there weren't so many of then, and so much data....
    LVL 18

    Assisted Solution

    by:Don S.
    In that case, you coud use robocopy or even just plain copy, but you would not want to have robocopy copy the permissions, those would be rebuilt automatically based on the permissions in the parent folder, which should be set correctly when they were created by the user upon first logon.

    Featured Post

    Do You Know the 4 Main Threat Actor Types?

    Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

    Join & Write a Comment

    Join Greg Farro and Ethan Banks from Packet Pushers ( and Greg Ross from Paessler ( for a discussion about smart network …
    This tutorial will walk an individual through the steps necessary to enable the VMware\Hyper-V licensed feature of Backup Exec 2012. In addition, how to add a VMware server and configure a backup job. The first step is to acquire the necessary licen…
    This tutorial will walk an individual through the steps necessary to install and configure the Windows Server Backup Utility. Directly connect an external storage device such as a USB drive, or CD\DVD burner: If the device is a USB drive, ensure i…

    733 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    18 Experts available now in Live!

    Get 1:1 Help Now