2

I'm trying to automate the desktop file migration of user accounts for some of our legacy users. I have a powershell script that can remove them from whatever domain the may be joined too, then join our current domain. But I want to copy files from the old user account to their new domain account, but how can I add the domain user profile to the local computer without breaking my powershell script and then starting it again.

I've got Admin access to Local Machine, New Domain, and User credentials. Just need something like Add-User -Credential $USRcred -DomainName $DOMAIN or something. My users already exist in the new domain, I just need their user profile downloaded/setup on the local machine.

Mikel Farley
  • 21
  • 2
  • To the best of my knowledge, the only way to do that is for the user to log in. – Harry Johnston Mar 13 '17 at 22:43
  • That seems like a major oversight by Microsoft (not that I'm surprised). I've noticed that I **AM** able to launch programs as another user, like starting a new powershell with a different user's permissions, but that's not helpfully for my project. – Mikel Farley Mar 13 '17 at 23:20
  • 1
    It's not an oversight as Microsoft do support domain migration with [ADMT](https://technet.microsoft.com/en-us/library/cc974332(v=ws.10).aspx), they just don't support the labor-intensive manual way you want to do it. ADMT can migrate both [Roaming and Local Profiles](https://technet.microsoft.com/en-us/library/cc974427(v=ws.10).aspx) for you. – henrycarteruk Mar 14 '17 at 09:14
  • Also there is `USMT` which has the `/mu` flag that can be used for cross domain migration `/mu:OldDomain\OldUser:NewDomain\NewUser` on an individual level. – BenH Mar 14 '17 at 14:08
  • you can use `runas` from sysinternals or WinRM directly if enabled to remotely execute your script on the local computers – Ronald Rink 'd-fens' Mar 14 '17 at 19:19
  • The `LogonUser` API function will create the user's profile if it does not already exist. But I'd consider this risky, I'm not certain that the first-time setup will behave entirely correctly if the user profile already exists. That could cause hard-to-diagnose bugs later on. – Harry Johnston Mar 15 '17 at 21:42

0 Answers0