This article outlines the complete task flow for migrating folders and documents from Google Drive to OneDrive for Business. This migration requires an Azure subscription, which maximizes migration speed and bypasses throttling.
First time?
This migration guide contains the necessary steps to perform the actual migration, but there are many steps to preparing for migration. If this is your first time performing a migration, we have created a Migration Planning & Strategy Guide to walk you through planning, set-up, and general migration best practices. If you have never performed a migration before, we suggest reading that before beginning the steps outlined in this scenario.
MigrationWiz
MigrationWiz is a migration tool, not a syncing tool. If changes are made at the source after migration, they will not sync to the destination, nor will changes made at the destination sync to the source. We do not have “live” monitoring of changes (as with a sync agent) and cannot handle scenarios such as conflict resolution without user interaction.
Prerequisites
Licensing
We recommend that you purchase User Migration Bundle licenses for this migration scenario. User Migration Bundle licenses allow the performance of multiple migrations with a single license. For questions on licensing, visit MigrationWiz Licenses.
Use your license by following the next steps:
- Purchase Licenses.
- Create a Customer.
- Apply Licenses.
- Review Considerations.
Purchase licenses by following the steps below:
- Sign in to your BitTitan account.
- In the top navigation bar, click Purchase.
- Click the Select button and choose User Migration Bundle licenses.
- Enter the number of licenses you want to purchase. Click Buy Now.
- Enter a Billing address if applicable.
- Click Next.
- Review the Order Summary and enter a payment method.
- Click Place Your Order.
Create Customer on MSPComplete by performing these steps:
- Click the Add button in the top navigation bar
- Click the Add Customer button on the All Customers page
- Select the appropriate workgroup in the left navigation pane and click All Customers.
- Click Add Customer.
- Enter the new customer’s information in the Add Customer form. Primary Email Domain and Company Name are required. The rest are optional.
- Click Save.
- Repeat steps 1 through 4 for each customer you want to add.
Perform these steps on MSPComplete:
- Select the correct workgroup on the top of the left navigation pane.
Important
This is the workgroup which the customer and migration projects were created under. Your account must be part of the workgroup if the project was not created under your account. - Click Customers on the left navigation pane.
- Click the customer that employs the user to whom you want to use the User Migration Bundle license.
- Click the Users tab at the top of the page.
- Apply the license to the users by checking the box to the left of their emails.
- Click the Apply User Migration Bundle License button at the top of the page.
Tip
We recommend adding users to the Customer page with the vanity domain. Then apply the User Migration Bundle Licenses, before editing to show the .onmicrosoft domain, if the .onmicrosoft domain will be used for the migration. - Click Confirm if at least one unassigned User Migration Bundle license is available for each selected user.
Important
If there are no User Migration Bundle licenses currently available to be assigned and your role in the workgroup is Manager or higher, the form that appears provides all the necessary information and will walk you through the steps of purchasing User Migration Bundle licenses.
Licenses are released once payment has been received:
- Licenses are available immediately upon payment if you purchase via credit card.
- If you purchase via wire transfer (100+ licenses), the licenses will be available once payment is received and accepted.
- We do not accept purchase orders because of processing overhead.
In both cases, you will be notified by email that payment has been accepted and licenses are available in your account upon notification.
For more information on licensing, including coupon redemption and other licensing types, see our Licensing FAQ.
Limitations
Please consider the following limitations for this migration type:
- Items and folders in "Shared with Me" will not be migrated. Only items in "My Drive" will be migrated. To migrate "Shared with Me" items, they must be added to "My Drive".
- We are not able to support migrations with two-factor or multifactor authentication.
- The maximum file size for migration through MigrationWiz varies by migration type and environment, but may never exceed 60GB.
- Some item types are not migrated, click the bar below to check a full list. We are constantly working to create a better migration experience for you so these items may change.
OneDrive Migrations
Consider the following information for OneDrive migrations.
- OneDrive data may not be accessible for a few days after migration, due to OneDrive's crawling and indexing process. We suggest you have your users log in immediately after migration but let them know that their data may not be available immediately. For this reason, it may be best to complete the migration on a Friday so the indexing can happen over the weekend.
- If you migrate to a Microsoft 365 Small Business Tenant account, the processes will be very similar to the one above. However, you will not be able to use admin credentials for your Destination endpoint, instead use the end-user credentials.
- This endpoint does not support the User's personal site provisioning. If App-Based Authentication is in use at the Destination, the AO DestPersonalSiteIsProvisioned=1 must be used. Refer to Advanced Option.
- Due to versioning, storage usage in OneDrive may be increased when migrating with permissions.
- Due to limitations on connections allowed by GoDaddy, we do not support migrating to or from GoDaddy using this migration type.
- Changing the domain after the migration process will not automatically update the previously migrated destination file. Once data is migrated from one domain to another, any subsequent changes or modifications made to the source data or the domain will not automatically reflect in the destination file.
- If you encounter the error "Personal Site is not instantiated = PermissionsUserNotLicensed", this means that the OneDrive collection for a user does not exist and the admin account used for the migration does not have a full license assigned. To resolve this issue, assign a license to the admin account, and resubmit the migration.
Migrated Items
Please click the bars below to check the migrated and non-migrated items. We are constantly working to create a better migration experience for you so these items may change over time.
The following tabs show a list of migrated and not migrated items for Google Drive to OneDrive for Business migrations.
- Folders
- Folders you have shared
- Permissions
- G Suite native files
- Code Files
- Documents
- Images
- Executables
- Videos
- Audio Files
- Templates (files that the template had been applied to are migrated)
- Creation Date (Creation date gets changed to the "date of migration" date)
- Scripts/Macros (Scripts are not converted to macros when going to documents)
- Comments
- File/Folder permissions
- Items/folders in "Shared with Me”. These folders must be added to the user’s “My Drive” and FullCopy Mode must be used to migrate these items/folders.
- Shortcuts (Migrated in Google Drive to Google Drive scenarios only.)
- Google Shared Drives (also known as Team Drives)
- Only when SharePoint Online is the Destination
- Personal / Free Google Drive is not supported
- File/folder shortcuts
- Google Photos
Set up the Azure Environment
If using Microsoft-provided Azure storage, you can skip this section.
- Estimate Azure storage costs. This step is optional but is useful in providing the customer with upfront storage costs ahead of time.
- Buy an Azure subscription or use the free one-month trial. This option is only viable when performing a very small migration.
- Create an Azure storage account. You will need to set up a STORAGE (General Purpose v2) account rather than a storage blob. Take note of the storage account name and the primary access key. We recommend you create an Azure Storage Account in the same Microsoft data center as the Destination Microsoft 365 tenant. You do not need to create any Azure containers for this migration.
- Log in to http://portal.azure.com/
- Go to the Storage account you have created for Migration purposes.
- Click Access Keys for the access keys that need to be entered when creating the Destination endpoint. We recommend you create an Azure Storage Account in the same Microsoft data center as the Destination Office 365 tenant.
- Take note of the Storage Account Name and the Primary Access Key as follows:
- -accesskey – This is the Storage account name for the Blob, for example: “accountname”
- -secretkey - This is the access key for the Storage account, for example: “W1RrDfkPNkfYfdVqizMNJjn5mXchwMP5uYBY8MsMqWTA7EubG911+4fZlki0Gag==”
Prepare the Source Environment
The Google Drive (Own Service Account) connector launched in 2020 and requires the set up of a Google Service account. This significantly reduces the likelihood of the migration being throttled. This is the option we recommend for all Google Drive migrations. Follow the steps below under OAuth2 Requirements for Google Drive (Own Service Account) to set up your environment for this endpoint.
All accounts being migrated must be in Active status in the tenant. Inactive users cannot be fully migrated and will fail in the project.
OAuth2 Requirements for Google Drive (Own Service Account)
Google Drive Prerequisites
- Subscription to Google Cloud Platform.
- Google Super Admin account.
- Ability to set up a service account on the G Suite tenant.
- A Google service account must be set up before creating the MigrationWiz project.
Create a Google Project
- Go to the Google Cloud Platform (GCP) Console and sign in as a super admin. Choose one of the options below:
- If you have not used the Google Cloud Platform Console before, agree to the Terms of Service and click Create Project.
- If you have used Google Cloud Platform Console before, at the top of the screen next to your most recent project name, click Down to open your projects list. Then, click New Project.
- Enter a project name and click Create.
- When the new project creation completes, at the top of the screen next to the current project name, click the Down icon and select the newly created project name from the list.
If you cannot create a project here, it may be that the ability to create projects has been disabled for your tenant. To check this, navigate to the Google Admin Center click on Apps > Additional Google Services, and select the Google Cloud Platform. Once there, you should see a setting that can be toggled to allow users to create projects.
Enable APIs for Service Account
- Click Menu > APIs & Services > Library from the Google Cloud Platform Console.
- Enable the following APIs by selecting the specific API and clicking Enable.
Repeat for each API listed below:- Google Drive API
- Admin SDK
Make sure that the respective services are enabled within the Google tenant. You can control services for your users using the instructions on this page: Control who can access G Suite and Google Services.
Create a Customer Tenant Service Account
- Click Menu > IAM & Admin > Service accounts from the Google Cloud Platform Console.
- Click + Create Service Account at the top middle of the screen and enter a name.
- Click Create.
- Assign the role of Owner to the new Service Account by selecting Owner from the Role drop-down menu.
- Click Continue to move to the next step, then click the Done
- You will now be returned to the "Service Accounts" page.
- On the ‘Service accounts' page, click the vertical ellipsis under the 'Actions’ column for the service account created above.
- Click Manage Keys.
- Click on Add Key > Create New Key.
- Make sure that JSON is selected as "Key Type."
- Click Create.
- Click Close.
Download the key as a JSON file and note the file's name and location. This JSON file will be used when setting up the migration endpoint in the migration project.
Important
The JSON file must contain information in the following fields: “type”, “private key”, and “client email”. If these mandatory fields are empty the file upload during endpoint creation will fail.
Setting the Scopes for the Migration
From the Google Cloud Platform Console:
- Click Menu.
- Click IAM & Admin.
- Click Service Accounts.
- Find the service account. Previously set it up in the Create a Customer Tenant Account section above.
- Find and copy the service account's Unique ID number. This is the Client ID number that will be used in a later step.
- This field often needs to be added to the view. Click on the Column display options button and add a checkmark to Unique ID, then click OK.
- This Client ID should be considered similar to Admin account passwords and handled securely.
You will now have one of two options, depending on if the Google UI has been updated in your tenant.
- Go to the G Suite admin page at admin.google.com
- Click Security > Access and Data Controls > API Controls
- Under Domain-wide Delegation, click Manage domain-wide delegation.
- Go to the G Suite admin page at admin.google.com
- Click Security.
- Click Advanced Settings.
- Under ‘Domain-wide delegation’, click Manage domain-wide delegation.
- On the Manage domain-wide delegation page, click Add new.
Once the steps are complete:
- In the Client ID field, paste the Unique ID copied above.
- In the OAuth scopes (comma-delimited) field, paste all scopes listed below for the source endpoint.
https://www.googleapis.com/auth/admin.directory.group.readonly, https://www.googleapis.com/auth/admin.directory.user.readonly, https://www.googleapis.com/auth/drive.readonly
You should now see your specific Unique ID and the associate scopes listed.
Export mailboxes to CSV file(s)
From the Google Admin portal:
- Click Users.
- Click ⁝ (3 vertical dots).
- Download Users.
- Download All Users.
- Click OK.
- Save.
Prepare the Destination Environment
Endpoint Change Notification
For Government or Google Drive to OneDrive for Business (China) migrations, select OneDrive GCC/China endpoint types instead of OneDrive in your destination endpoint selection.
OneDrive Prerequisites
- Create an admin account in Microsoft 365 for the migration, or use the global admin account for the tenant.
- The easiest approach to follow is to use the global admin account. This was set up at the time of tenant creation. However, if you do not wish to use this global admin account during migration, then a new user account can be created instead. This will then need to be granted full access rights to each user.
- The admin account must have a full license assigned to it, to provision OneDrive for Business profiles for each user during the migration process.
Application Permissions for OneDrive
Continue configuring your destination environment by selecting one of these application permissions options and following the steps to enable permission levels at the destination.
The easiest approach is to use the global admin account set up at the time of tenant creation. However, if you do not wish to use this global admin account during migration, then a new user account can be created instead. This user account needs to have a license assigned that includes OneDrive and be granted Site Collection Administrator privileges to OneDrive in the project.
- Create a user in Microsoft 365 and assign a license that includes SharePoint. For step-by-step instructions, see the Microsoft article Add users individually or in bulk to Office 365.
- Set the administration privileges. Grant one of the permission levels listed below to the user account to be user as the administrator for the endpoint in the project.
- Global Admin. Microsoft has instructions to set these permissions here: Assign admin roles.
- SharePoint Admin. For specific permissions and project settings to be used with a Site Collection Administrator, see MigrationWiz Permission Requirements.
- Add the admin account, created in step 2, as a Site Collection Admin to the endpoint.
Important
The Global Admin or SharePoint Admin role does not automatically grant Site Collection Administrator rights to a SharePoint or OneDrive site. - Go to MigrationWiz-SharePoint-Delegated and consent to the app access when prompted. Once you click on Accept, you will be redirected to the BitTitan login page. This is normal and the page can be closed.
BitTitan uses app-based authentication for OneDrive, providing greater security and reducing the potential of Microsoft throttling. It replaces the previous Microsoft 365 authentication, which has been subject to increased throttling by Microsoft. This app-based authentication method is specific for Microsoft 365 tenants.
- Ensure you are signed in as a Global Admin.
-
Go to MigrationWiz-SharePoint-FullControl and consent to the app access when prompted.
- Create a new Security Group named “MigrationWiz” on the Office 365 Admin Portal.
- Create a new user that is not having data migrated in the project. This account does not require any administrator roles to be assigned. If you already have an existing user, that should be fine. This user must have a SharePoint license applied.
- Add the new (or existing) user to the previously created security group as a Member. Adding it as an Owner does not work here.
- Create MigrationWiz project.
- When creating the source and destination endpoints, enter the user credentials in step 4 that correspond with the endpoint to which the user belongs.
-
Add the support option UseApplicationPermission=1 to the advanced options of the MigrationWiz project under Support Options.
MigrationWiz Steps
Create a Document Migration Project
- Click the Go to My Projects.
- Click the Create Project.
- Create a Document project.
- Click Next Step.
- Enter a Project name and select a Customer.
- Click Next Step.
Endpoints
Endpoints are created through MigrationWiz. If you select an existing endpoint from the dropdown, it will only show ten endpoints. If you have more than ten, you may need to search it.
Consider that endpoint search is case and character-specific. For example, Cust0mer will not show up if the search is customer. We recommend keeping a list of endpoints you have created, along with any unique spellings or capitalization you may have used.
Create your Endpoints
Please review the following tabs to create your destination and source endpoints.
Create your source endpoint by following the next steps:
- Click Endpoints.
- Click Add Endpoint.
- Select Google Drive (own service account).
- Select the JSON file created in the steps above and enter the Super Admin username and password for the source.
- Enter the Google admin account email address. This account has an admin access level to the Google admin portal. Please note that this admin email should match the end-user domain.
- Click Add.
Create your destination endpoint by following the next steps:
- Click DESTINATION SETTINGS.
- Click Endpoints.
- Click Add Endpoint.
- Select OneDrive for Business.
- Complete the Administrator Username and Password in the proper fields.
- Choose one of the Azure Storage options:
- Use Microsoft Provided Azure Storage, in this case, you can pass to step 7.
- Use Custom Azure Account Name, enter the Azure Storage Account Name and Azure Access Key (if using your own Azure storage). In this case, only numbers and lowercase letters can be used. If you enter an upper case letter, your migration will fail.
- Click Add Endpoint.
Region of Destination Tenant
MigrationWiz displays a dropdown to select the Preferred Region of the Tenant at the destination endpoint. This value updates the Preferred Region of the Destination Tenant field in the project's Advanced Options, and vice versa. You will notice that both values are always the same.
The Region of Destination Tenant feature optimizes the migration performance and speed when choosing the region closest to the destination tenant.
Tip
You can find the region of your destination tenant directly in the Microsoft Entra admin center by going to Identity > Overview > Properties, and using the Country or region or the Data location.
For more information on this topic, review this article. In case you need the multi-geo information you can refer to this article.
Warning
If you do not complete this field you will not be able to save your project and the “This field cannot be left blank.” error will appear.Add Users
Add the user accounts that will be migrated to the project. MigrationWiz allows you to bulk import users into the system.
Important
For OneDrive endpoints, the email address must match the current User Principal Name of the user in the tenant)
Use the Bulk Add option for large migrations, or the Quick Add for smaller migrations.
- An email address
- Login name
- Password
- Mailbox status
Bulk Add uses a CSV containing the source and destination email addresses for the users to add the users to the project. If migrating only a specific group from a tenant, we recommend using the Bulk Add option.
MigrationWiz allows you to bulk import mailboxes into the system.
To import one or more mailboxes:
- Sign in to your MigrationWiz account.
- Select the Project for which you want to perform the bulk import.
- Click Add.
- Click Bulk Add.
- Follow the instructions on the page.
Add Advanced Options
Support Tab
There are no spaces on either side of the "=" sign, and the entries are case-sensitive, so pay special attention to the capital letters in the commands detailed below.
-
InitializationTimeout=8
- This increases the initialization timeout window to eight hours.
-
IncreasePathLengthLimit=1
- Use this Advanced Option in MigrationWiz to enable the use of 400 characters for the file path name.
-
RemoveExistingPermissionsWhenUnspecified=1
- See Document Migrations for more information.
-
ShrinkFoldersMaxLength=300 (optional but recommended)
- See SharePoint & OneDrive Migration FAQs. We recommend that you set this Advanced Option as ShrinkFoldersMaxLength=300
- This option can be set to a higher or lower value, depending on what is acceptable to the customer. The value is dependent upon the following criteria: the file system data, the email address that is a part of the folder path (collection root), and the domain name for permissions, etc. However, using 300 should keep a good security range to manage all edge cases, and it provides a very reasonable limit. This option should be enabled on a case-by-case basis.
- We recommend you create a project specifically for when this option is required. Within this project, add the Advanced Option: ShrinkFoldersMaxLength=300 and then move files that get "path too long" errors into this project.
- If a former migration has been performed without the option on, then the storage will need to be reset at the Destination, otherwise, both file system structures will appear at the Destination.
- The dynamic mapping may vary, and the Destination may have two different file systems represented if a user modifies the Source file system folder structure (such as renaming, removing, or creating a new folder) between two passes using this Advanced Option.
- If multiple folders are truncated at 10 characters in the same parent folder, they may be merged into a single one if the first ten (10) characters are identical.
-
DocumentBrowsingMode=FullCopy
- Scans “My Drive” for the source address in your migration project.
- Migrates all folders and files in "My Drive" regardless of ownership.
- The owner of folders and files migrated from MyDrive changes to the destination OneDrive user. There is no current option to avoid this.
- Documents and Document permissions must be migrated together in the first pass for permissions to be applied properly.
- In case you remove it and do not use "DocumentBrowsingMode=Moderate" in the Project advance options. This option will not be able to migrate items from folders under My Drive NOT owned by the user resulting in missing items. See Google Drive Migration FAQ for more details.
-
IgnoreConflictingFiles=1
- Set this value to skip the FileAlreadyExists exception in the One Drive.
-
DestPersonalSiteIsProvisioned=1
- MigrationWiz will use App-based authentication for OneDrive personal site retrieval.
-
MapPermissionEmailByPairsInProject=1
- Permissions generally cannot be migrated unless the prefix of the mail address is the same in the source and the destination. However, choosing the Support Option. MapPermissionEmailByPairsInProject=1 will allow permissions to be migrated without identical mail addresses.
-
If you have split all the Google Drive accounts across different MigrationWiz projects, use the Support Option MapPermissionEmailByPairsInCustomer=1 instead to use the mapping of all users across all projects.
If the migration project is a long-term project, an Advanced Option may be necessary during the final migration pass to verify the previously migrated items. For more information contact Support.
Notifications Tab
-
Send successful migration and notification to:
- Source email address in case users are still using G Suite Gmail.
- Destination email address if users are already using Microsoft 365.
- Customize notification email: Checkmark the Customize "successful migration" email Add your own customization text and company name to this email.
-
Notifications are not mandatory for a successful migration. Notifications should only be set up before the final pass. Please consider the following cases:
- If performing a Single or Full pass, set this up now.
- When following a Pre-Stage migration strategy, only set this up before the final Full (Delta) pass.
Run Verify Credentials
- Sign in to your MigrationWiz account.
- Open the Project containing items to validate.
- Select the items to validate.
- Click the Start button in your dashboard.
- Select Verify Credentials from the drop-down list.
Once complete, you can check the verification results in the Status section.
Notify Users
Notify users that a migration is occurring. Send an email to all users telling them the time and date of the migration.
Run Migration
Pre-Stage pass
- Select the users to migrate.
- Click the Start button from the top.
- Select Pre-Stage Migration.
- Under the Migration Scheduling section, from the drop-down list, select 90 days ago.
- Click Start Migration.
Full (Delta) pass
- Select the users.
- Click the Start button from the top.
- Select Full Migration.
- Click Start Migration.
Run Retry Errors
Look through the user list and click any red "failed migration" errors. Review the information and act accordingly.
If problems persist contact Support.
Request Statistics
Click the pie chart icon in the MigrationWiz dashboard to receive an email containing all the project migration statistics.
Post Migration Steps
To remove the BitTitan Enterprise app, perform the following steps:
Remove the Authentication App
You can remove the Authentication App in Entra Center.
- Sign in to Microsoft Entra admin center.
- Select Microsoft Entra ID.
- Go to Identity > Applications > Enterprise applications, in the left bar of the window.
- In the Manage section, select All applications, look for the application permission you configured (MigrationWiz-SharePoint-Delegated or MigrationWiz-SharePoint-FullControl), and select it.
- Go to Manage > Properties, and select Delete from the properties bar.