Migrate Accounts from Local to Domain Profile

Source: https://community.spiceworks.com/how_to/145013-migrate-local-user-profile-to-domain-profile

This post is meant as an archive of this information due to its overall usefulness. Everything hereafter is credit to Felix Gorovodsky.

Step 1: Step 1

Join computer to new domain and restart it

Step 2: Step 2

Login in on old local account

Step 3: Step 3

Grant full permissions on your home folder, such as C:\USERS\testuser, keep in mind to check the option to replicate permissions to all child objects. Don’t worry about not setting permissions on few folders like Documents/My music/Pictures etc. These are not real folders, they are just links, so no permissions can be set. Just ignore them.

Step 4: Step 4

After this open Regedit

Step 5: Step 5

Right-click on HKEY_CURRENT_USER and select permissions

Step 6: Step 6

In new window click Advanced, then Add, and then type in DOMAIN ACCOUNT NAME. You may need to provide domain admin credentials to query AD.

Step 7: Step 7

Select user, then check following options:
A- Apply to: This Key and subkeys
B- Full Control
C- DO NOT SELECT LAST CHECKBOX – apply these permissions to objects and/or containerswithin this container only

Step 8: Step 8

Click Ok, then ok, then ok

Step 9: Step 9

Wait till finish and restart computer

Step 10: Step 10

Login to domain account, this will local profile, store SID information in registry etc.

Step 11: Step 11

Logout from domain profile, restart and login to local admin account

Step 12: Step 12

Open registry, navigate to HKLM\Software\Microsoft\Windows_NT\CurrentVersion\Profile List

Step 13: Step 13

Find the one, with local path to profile in key: ProfileImagePath, copy value of this key, eg. C:\Users\test.local

Step 14: Step 14

Find the other one with newly created profile path, eg. C:\Users\test.user.domain

Step 15: Step 15

Replace value of ProfileImagePath from old profile, eg. C:\Users\test.user.domain with C:\Users\test.local

Step 16: Step 16

Double check permissions for folders, check value of the keys.

Step 17: Step 17

If everything is ok, reboot computer and try to login to new domain profile. You should be welcomed with old desktop and settings.

Step 18: Step 18

One thing to remember, all outlook passwords need to be re-entered since credentials storage is wiped.

Leave a Reply

Your email address will not be published. Required fields are marked *