SharePoint 2010: Migrate Users to new Active Directory Environment

posted Aug 31, 2015, 3:09 AM by Benny Skogberg
When switching from one AD-environment to another, you sometimes end up with users who don't get imported correct. You see them when they don't have first name and last name when they are logged in to SharePoint. They have <domain>\<username> visible instead.

But let's start from the beginning and migrate the users with the following command:

STSADM –o migrateuser –oldlogin OLDDOMAIN\user1 –newlogin
    NEWDOMAIN\user1 –ignoresidhistory

After that you need to run a full user profile synchronization. When this is done, continue and see which users where not imported correct.

# Clean up accounts that is not imported correctly

$upsa = Get-SPServiceApplication | Where-Object {$_.TypeName -like
    "User Profile Service Application"}

# List all user accounts that is not imported correctly
Set-SPProfileServiceApplication $upsa -GetNonImportedObjects $true

# Remove user accounts not imported correctly 
# Uncomment line below to run
Set-SPProfileServiceApplication $upsa -PurgeNonImportedObjects $true

# Run a full User Profile Service Syncronisation, and make sure users
# end up in Profile database.
# If not, users who log in will create new NonImportedObject accounts

This might have to be repeated several times, especially if you're in a live environment where users login during the day. Eventually these orphan user profiles will disappear.
If you have a lot of users, the script will take a lot of time - so please be patient unless you get an error from PowerShell.
Good Luck!