Migrate Computers from One Domain to Another With PowerShell
The process to migrate computers from one domain to another via PowerShell is quite complex. Users have to maintain the overall structure of the Active Directory Organizational Unit and align numerous group policies too. Apart from this, as a computer itself has no limit on the number of users, it adds another layer of complexity.
Therefore, organizations preparing for this task must have a detailed plan with step-by-step instructions. Hence that’s exactly what we deliver here: this blog contains a robust guide with PowerShell commands and their explanations as well. Without further ado, let’s start by discussing the pre-migration steps.
Pre Requisites of A PowerShell Script to Move Multiple Computers to Different Domain
The prerequisites are covered in multiple phases. Be sure not to skip any one of them as it can lead to errors down the line.
Phase 1 – Get the Active Directory PowerShell module:
- Step-1. Use the domain administrator account and log in to the member server.
- Step-2. Launch a new PowerShell console.
- Step-3. Type in the following command.
Add-WindowsFeature RSAT-AD-PowerShell
- Step-4. Press Enter and wait for the module installation to complete.
Phase 2 – Establish & Verify Trust With The New Domain:
If you add a new domain to an AD Forest it automatically establishes trust with all other domains. However if still in doubt use this command to double-check the trust new domain. Use this command to check if the trust was established or not.
Get-ADTrust -Filter *
Phase 3 – Make a List of All Permissions and Accounts Attached to the Computer(s):
Get all the data regarding the computer’s current settings so it becomes easier to verify and establish it in the new domain. Use the following command:
Get-ADComputerServiceAccount -Identity UserComputerAccount1
Phase 4 – Create a Backup of Current Settings:
Using the checkpoint command you can save a backup of the current computer settings. Moreover, it provides a safety net while attempting to migrate computers from one domain to another using PowerShell. Execute the command given below:
Checkpoint -Computer -Description "DomainChange" -RestorePointType MODIFY_SETTINGS
Explanation:
Description: A mandatory parameter that indicates a user-defined name for a restore point.
RestorePointType: It simply means the type of restore point.
Note: PowerShell commands need to be modified on a case-to-case basis. Avoid direct copypasting, as it may jeopardize data security.
Additional Information: Learn to Move Office 365 Mailbox to Another User Account Using Step-by-Step Guide
These were just the steps for preparing for the migration. Up next we will cover the Powershell commands for an interdomain computer transfer.
How do I move computers in Active Directory using PowerShell? Explained
For this task, we are going to apply the Move-ADObject cmdlet. This command can directly move a computer object from one domain to another that exists in a single AD forest.
This operation of moving a computer between Active Directory domains requires users to specify both source and target domains. They should also have preestablished mutual trust.
Apart from this, the source and target DC also need the owner’s role in the domains of RID Master FSMO. Below is an example of moving the computer between AD domains.
Get-ADComputer -Identity UserPC | ` Move-ADObject ` -TargetPath "OU=Computers, DC=TargetDomain, DC=tld" ` -TargetServer "TargetDC.TargetDomain.tld " ` -Server "SourceDC.SourceDomain.tld"
In case your organization does not use the default AD format the above-mentioned command may fail to deliver results.
An alternative way to use a custom PowerShell script to move multiple computers to different domains is to create a function. Here is a template that you can utilize. Please make the necessary changes to migrate computers from one domain to another via PowerShell for the best results.
function domain_move($compacc,$fqdn) {
$username_joinTarget=”DestinationDomain\DestinationServiceAccnt”
$password_joinTarget=cat“d:\scripts\server_move\AttachTarget.txt”|convertto-securestring
$cred_JoinTarget=new-object -typename System.Management.Automation.PSCredential –argumentlist $username_joinTarget,$password_joinTarget
$username_unjoinSource=”OriginDomain\OriginServiceAccnt”
$password_unjoinSource=cat“d:\scripts\server_move\RemoveSource.txt”|convertto-securestring
$cred_UnjoinSource=new-object -typename System.Management.Automation.PSCredential -argumentlist $username_unjoinSource,$password_unjoinSource
$Error.clear
Try {Add-Computer -ComputerName $compacc -DomainName $DestinationDomain -Credential $cred_AttachTarget -UnjoinDomainCredential $cred_RemoveSource -Server $TargetDC -PassThru -Verbose}
Catch {return $false}
Start-Sleep -Seconds 15
Restart-Computer -ComputerName $fqdn
return $true}
With all these complicated Powershell methods users may wonder if there is an easy way out. We are glad to inform you that yes of course there is. Find out everything about the professional utility in the next section.
Easy Way to Migrate Computers from One Domain to Another Without PowerShell
It is not a surprise that even experts tend to avoid the highly technical Powershell commands. And in order to do that, they recommend the SysTools AD Migration Tool. The simple GUI-based utility applies advanced algorithms to move Active Directory object quickly and effectively. Download the tool and get a first-hand experience yourself.
Moreover, the software completely eliminates the risk of data loss that comes with using PowerShell commands. Apart from this, it is incredibly easy to use. Here is a list of steps to follow.
Step-1. Launch the tool, and type “administrator” in place of both the user ID and password.
Step-2. Press “Register Domain Controller”, type name, IP then click on “Save & Continue”.
Step-3. Repeat the same step for the destination domain and proceed further.
Step-4. Click on the source domain, enter the admin credentials, then hit “Save & Continue”.
Step-5. Go to the Active Directory section, and press “Fetch Active Directory Objects”.
Step-6. Repeat the same step for the destination domain and proceed further.
Step-7. Create Migration Scenario in Migration Section, enter the name, and select source & target.
Step-8. Create a new task, pick the computer as workload, & hit the “Save & Continue” button.
Step-9. When all chosen objects are visible click on the (…) to either create or merge.
Step-10. Once the mapping completes, hit the start task, then press start in the pop-up box. 
Step-11. After migration, the tool can generate a domain-wise or migration-wise report.
These easy-to-follow steps are just one reason to use the tool for inter-domain data migration. A few more reasons why this tool is the preferred choice for both technical and non-technical users are discussed ahead.
Read More: Find Out How to Import PST to Office 365 Without Duplicates Easily
Why Choose the Tool Migrate Computers from One Domain to Another
A toned-down list of all the features that make this tool the market leader for moving computers in Active Directory.
- Receive 24/7 personal help for any user inquiries.
- Enjoy the option of both inter-forest and intra-forest migration.
- Move users, along with their device and application permissions, and
- Create detailed reports at both the domain and migration levels.
- Take advantage of the multiple job creation feature
- Relocate multiple Active Directory objects simultaneously.
- Combine with an existing one or form a new object at the target Domain.
- Works with all versions of Windows Server from 2019 to 2012 R2.
Conclusion
With this, our discussion on how to migrate computers from one domain to another using PowerShell comes to an end. All in all, we saw that the PowerShell method is time-consuming, error-prone, and requires expert-level knowledge. Therefore, to avoid the hassle, it is better to choose the automated utility.