Issue:
USING PROFIZ TO MIGRATE LOCAL WINDOWS 10 USER TO AZURE AD
Summary:
In migrating companies Windows 10 desktops to Azure AD either for a new company setup, hybrid configuration or moving them away from having a local server, we have run into issues migrating the existing Windows 10 local user (or Microsoft Domain) profiles to Azure AD.
Most users have their desktop setup with their personal configurations such us Outlook, data, browser configurations, Instant Messenger login, Cloud Sync software, etc. Without having to create a new Windows Profile, you can migrate your existing windows profile to the new Azure AD profile.
Solution:
FORENSIT PROFILE WIZARD – MIGRATING LOCAL ACCOUNT TO AZURE AD
- Download this executable script: Save-AzureADUser.ps1
- On the computer where you’re doing the profile migration run the .ps1 file with powershell
- You will be prompted to install an Azure AD model, say Y
- If Powershell crashes open elevated powershell and manually run:
Install-Module -Name AzureAD
If you’re prompted to install a module from an untrusted repository, type Y and press Enter.
- Now re-try running the Save-AzureADUser.ps1
- You should be prompted to sign into Microsoft
- Sign in with admin account
- Win Powershell will close and you should see a ForensiTAzureID.xml file appear in the same folder as the powershell scripts – (uncertain it will consistently save to that exact location at this time)
- Run ForensIT Profile Wizard (download link: https://www.forensit.com/downloads.html )
- Select Source User from available user accounts (local user)
- In the destination section type in the EMAIL as the account name. NOTE: You must have already signed in to that computer with that AD user or it won’t work. Goes without saying the computer itself needs to have already been domain joined with Azure AD in the first place.
- Where it asks if you want to join the domain or the local computer, from the drop down select the local computer then the domain again otherwise the “Next” button stays unhighlighted and you won’t be able to continue.
- ForensIT will automatically locate the .XML file that you created with Windows Powershell (without it you will get an error message as this .xml file contains all the needed information for the migration to work correctly – Azure AD user object id, email, etc.)
- You should see a white box showing progress as the Prof Wiz migrates the account, then it will say done and prompt you to restart the computer.
- Restart and sign in to the Azure AD account – it may take a while to log in as it updates, then verify all the data moved over correctly. (You will have to re-input the 2FA code and recreate the pin for the Azure AD user).
–
If you require further help, please leave a comment and we will answer it as soon as possible.
For professional IT support, please contact ProTek IT Solutions.