Google Drive to OneDrive for Business Migration Guide

This article outlines the complete task flow for migrating folders and documents from Google Drive to OneDrive for Business. This migration requires an Azure subscription, which maximizes migration speed and bypasses throttling.

First time?

This migration guide contains the necessary steps to perform the actual migration, but there are many steps to preparing for migration. If this is your first time performing a migration, we have created a Migration Planning & Strategy Guide to walk you through planning, set-up, and general migration best practices. If you have never performed a migration before, we suggest reading that before beginning the steps outlined in this scenario.

Limitations

MigrationWiz is a migration tool, not a syncing tool. If changes are made at the source after migration, they will not sync to the destination, nor will changes made at the destination sync to the source. We do not have “live” monitoring of changes (as with a sync agent) and cannot handle scenarios such as conflict resolution without user interaction.

Items and folders in "Shared with Me" will not be migrated. Only items in "My Drive" will be migrated. To migrate "Shared with Me" items, they must be added to "My Drive".

We are not able to support migrations with two-factor or multifactor authentication. 

The maximum file size for migration through MigrationWiz varies by migration type and environment, but may never exceed 60GB.

Some item types are not migrated, click the bar below to check a full list. We are constantly working to create a better migration experience for you so these items may change.

What items are migrated?

The following tabs show a list of migrated and not migrated items for Google Drive to OneDrive for Business migrations.

Migrated Not Migrated
  • Folders
  • Folders you have shared
  • Permissions
  • G Suite native files
  • Code Files
  • Documents
  • Images
  • Executables
  • Videos
  • Audio Files
  • Templates (files that the template had been applied to are migrated)
  • Creation Date (Creation date gets changed to the "date of migration" date)
  • Scripts/Macros (Scripts are not converted to macros when going to documents)
  • Comments
  • File/Folder permissions
  • Items/folders in "Shared with Me”. These folders must be added to the user’s “My Drive” and FullCopy Mode must be used to migrate these items/folders. 
  • Shortcuts (Migrated in Google Drive to Google Drive scenarios only.)
  • Google Shared Drives (also known as Team Drives)
    • Only when SharePoint Online is the Destination

OneDrive Migrations

Consider the following behaviors and tips for OneDrive migrations.

  • OneDrive data may not be accessible for a few days after migration, due to OneDrive's crawling and indexing process. We suggest you have your users log in immediately after migration but let them know that their data may not be available immediately. For this reason, it may be best to complete the migration on a Friday so the indexing can happen over the weekend.
  • If you migrate to a Microsoft 365 Small Business Tenant account, the processes will be very similar to the one above. However, you will not be able to use admin credentials for your Destination endpoint, instead use the end-user credentials.
  • This endpoint does not support the User's personal site provisioning. If App-Based Authentication is in use at the Destination, the AO DestPersonalSiteIsProvisioned=1 must be used. Refer to Advanced Option.
  • Due to versioning, storage usage in OneDrive may be increased when migrating with permissions.
  • Due to limitations on connections allowed by GoDaddy, we do not support migrating to or from GoDaddy using this migration type.
  • Changing the domain after the migration process will not automatically update the previously migrated destination file. Once data is migrated from one domain to another, any subsequent changes or modifications made to the source data or the domain will not automatically reflect in the destination file.

Set up the Azure Environment

If using Microsoft-provided Azure storage, you can skip this section.

  1. Estimate Azure storage costs. This step is optional but is useful in providing the customer with upfront storage costs ahead of time.
  2. Buy an Azure subscription or use the free one-month trial. This option is only viable when performing a very small migration.
  3. Create an Azure storage account. You will need to set up a STORAGE (General Purpose v2) account rather than a storage blob. Take note of the storage account name and the primary access key. We recommend you create an Azure Storage Account in the same Microsoft data center as the Destination Microsoft 365 tenant. You do not need to create any Azure containers for this migration.
    1. Log in to http://portal.azure.com/
    2. Go to the Storage account you have created for Migration purposes.
    3. Click Access Keys for the access keys that need to be entered when creating the Destination endpoint. We recommend you create an Azure Storage Account in the same Microsoft data center as the Destination Office 365 tenant. 
    4. Take note of the Storage Account Name and the Primary Access Key as follows:
      • -accesskey – This is the Storage account name for the Blob, for example: “accountname”
      • -secretkey - This is the access key for the Storage account, for example: “W1RrDfkPNkfYfdVqizMNJjn5mXchwMP5uYBY8MsMqWTA7EubG911+4fZlki0Gag==”

Prepare the Source

The Google Drive (Own Service Account) connector launched in 2020 and requires the set up of a Google Service account. This significantly reduces the likelihood of the migration being throttled. This is the option we recommend for all Google Drive migrations. Follow the steps below under OAuth2 Requirements for Google Drive (Own Service Account) to set up your environment for this endpoint.

All accounts being migrated must be in Active status in the tenant. Inactive users cannot be fully migrated and will fail in the project.

OAuth2 Requirements for Google Drive (Own Service Account)

Prerequisites

  • Subscription to Google Cloud Platform.
  • Google Super Administrator account.
  • Ability to set up a service account on the G Suite tenant.
  • A Google service account must be set up before creating the MigrationWiz project.

Create a Google Project

  1. Go to the Google Cloud Platform (GCP) Console and sign in as a super administrator. Choose one of the options below:
    • If you have not used the Google Cloud Platform Console before, agree to the Terms of Service and click Create Project.
    • If you have used Google Cloud Platform Console before, at the top of the screen next to your most recent project name, click Down to open your projects list. Then, click New Project.
  2. Enter a project name and click Create.
  3. When the new project creation completes, at the top of the screen next to the current project name, click the Down icon and select the newly created project name from the list.

If you cannot create a project here, it may be that the ability to create projects has been disabled for your tenant. To check this, navigate to the Google Admin Center click on Apps > Additional Google Services, and select the Google Cloud Platform. Once there, you should see a setting that can be toggled to allow users to create projects.

Enable APIs for Service Account

  1. Click Menu > APIs & Services > Library from the Google Cloud Platform Console.
  2. Enable the following APIs by selecting the specific API and clicking Enable.
    Repeat for each API listed below:
    • Google Drive API
    • Admin SDK

Make sure that the respective services are enabled within the Google tenant. You can control services for your users using the instructions on this page: Control who can access G Suite and Google Services.

Create a Customer Tenant Service Account

  1. Click Menu > IAM & Admin > Service accounts from the Google Cloud Platform Console.
  2. Click + Create Service Account at the top middle of the screen and enter a name.
  3. Click Create.
  4. Assign the role of Owner to the new Service Account by selecting Owner from the Role drop-down menu.
  5. Click Continue to move to the next step, then click the Done 
  6. You will now be returned to the "Service Accounts" page. 
  7. On the ‘Service accounts' page, click the vertical ellipsis under the 'Actions’ column for the service account created above.
  8. Click Manage Keys.
  9. Click on Add Key > Create New Key
    1. Make sure that JSON is selected as "Key Type."
  10. Click Create.
  11. Click Close.

Download the key as a JSON file and note the file's name and location. This JSON file will be used when setting up the migration endpoint in the migration project.

Important

The JSON file must contain information in the following fields: “type”, “private key”, and “client email”. If these mandatory fields are empty the file upload during endpoint creation will fail.

Setting the Scopes for the Migration

  1. From the Google Cloud Platform Console:

      1. Click Menu.
      2. Click IAM & Admin.
      3. Click Service Accounts.
      4. Find the service account. Previously set it up in the Create a Customer Tenant Account section above.
      5. Find and copy the service account's Unique ID number. This is the Client ID number that will be used in a later step.
        • This field often needs to be added to the view. Click on the Column display options button and add a checkmark to Unique ID, then click OK.
        • This Client ID should be considered similar to Administrator account passwords and handled securely.
      6. You will now have one of two options, depending on if the Google UI has been updated in your tenant.

      Old Google Tenant UI:

      1. Go to the G Suite admin page at google.com.
      2. Click Security.
      3. Click Access and Data Control > API Controls.
      4. Click Manage API Client Access.

      OR If your account shows the latest UI updates from Google, as shown below:New_Google_Admin_APP_Access_Control.JPG

      1. Go to the G Suite admin page at google.com.
      2. Click Security.
      3. Click Advanced Settings.
      4. Under ‘Domain-wide delegation’, click Manage domain-wide delegation.
      5. On the Manage domain-wide delegation page, click Add new.

 Once these steps are complete:

  1. In the Client ID field, paste the Unique ID copied above.
  2. Paste all scopes listed below in the OAuth scopes (comma-delimited) field for the source endpoint.
    https://www.googleapis.com/auth/admin.directory.group.readonly, https://www.googleapis.com/auth/admin.directory.user.readonly, https://www.googleapis.com/auth/drive.readonly 
  3. Click Authorize.

 You should now see your specific Unique ID and the associate scopes listed.

Export mailboxes to CSV file(s)

From the Google Admin portal:

  1. Click Users.
  2. Click ⁝ (3 vertical dots).
  3. Download Users.
  4. Download All Users.
  5. Click OK.
  6. Save.

Prepare the Destination Environment

Endpoint Change Notification

For Government or Google Drive to OneDrive for Business (China) migrations, select OneDrive GCC/China endpoint types instead of OneDrive in your destination endpoint selection.

Create an administrator account in Microsoft 365 for the migration, or use the global admin account for the tenant.

The easiest approach to follow is to use the global admin account. This was set up at the time of tenant creation. However, if you do not wish to use this global admin account during migration, then a new user account can be created instead. This will then need to be granted full access rights to each user.

The admin account must have a full license assigned to it, to provision OneDrive for Business profiles for each user during the migration process. If you encounter the error "Personal Site is not instantiated = PermissionsUserNotLicensed", this means that the OneDrive collection for a user does not exist and the administrator account used for the migration does not have a full license assigned. To resolve this issue, assign a license to the administrator account, and resubmit the migration.

Create an Administrator Account for Delegated Administration Rights

The easiest approach is to use the global administrator account, set up at the time of tenant creation. However, if you do not wish to use this global admin account during migration, you should create a new user account instead. This new account needs to have a license assigned including a OneDrive for Business and be granted either Global Administrator permissions or SharePoint Administrator privileges.

Important

We strongly recommend you use an administrator account that is not one of the migrated users, as it can cause issues with missing shared permissions.

Process

  1. Create a user in Microsoft 365 and assign a license that includes OneDrive for Business. For step-by-step instructions, see the Microsoft article Add users individually or in bulk to Office 365.
  2. Grant the new user Global Administrator permissions or SharePoint Administrator rights in Microsoft 365.
  3. Ensure that the administrator account is set to use Basic authentication rather than Multi-Factor authentication.

After you perform these steps, the specified user will be visible in the Microsoft 365 administrator center. Full provisioning of the user account can take up to 24 hours.

Using App-based Authentication

BitTitan uses app-based authentication for SharePoint, OneDrive for Business, Microsoft 365 Groups (Documents), and Teams migrations. This provides greater security and reduces the potential of Microsoft throttling. It replaces the previous Microsoft 365 authentication, which has been subject to increased throttling by Microsoft. This app-based authentication method is specific for Microsoft 365 tenants.

If you elected to use app-based authentication, perform the following steps:

Add the App to the Tenant

Steps to enable permission level at the destination:

  1. Go to MigrationWiz-SharePoint-FullControl and consent to the app access when prompted.
  2. Create a new Security Group named “MigrationWiz” on the Microsoft 365 Admin Portal.
  3. Create a new user.
  4. Add a new user to the previously created security group as a member.
  5. Create MigrationWiz project.
  6. When creating the endpoints, enter the new user credentials.

Assign Licenses

You can assign an Office 365 license that contains OneDrive for Business to the admin account that will be used for migration.

  • If users have never used OneDrive before, MigrationWiz will provision OneDrive (SharePoint) profiles for each migrated user, using the admin account credentials entered in the Destination endpoint. However, it does not create the user account, for this reason, the user account needs to be created before.
  • MigrationWiz cannot provision a OneDrive profile for blocked users. If a user is blocked, there will be a provisioning or access error.

Set up accounts on Office 365 and assign licenses. These can be created in several ways:

  • Manually, one at a time.
  • By bulk import, via CSV file. Read the Add several users at the same time to Office 365 article from Microsoft for more information. You can use the CSV file previously created under the Prepare the Source Environment section.
  • By PowerShell script. Read the Create user accounts with Office 365 PowerShell article from Microsoft for more information.

    Important

    If you are migrating permissions, the part of the usernames before the "@" sign on Microsoft 365 must match the part of the username on Google Drive before the "@" sign, e.g., john.smith@domain1.com on Google Drive must follow the same format before the @ sign on Microsoft 365, and so must also equal "john.smith" on Microsoft 365.

    The domain name, however, can be different. For more information see: Set up groups on Microsoft 365. If permissions were assigned to groups on Google Drive, and you want these to be migrated, the group names on Microsoft 365 must match the group names on Google Drive.  Create the required Microsoft 365 CNAME for your domain. Read the Create DNS records at Register365 for Office 365 article from Microsoft for more information. Set up the app-based authentication in the Microsoft 365 tenant.

Post Migration Steps

To remove the BitTitan Enterprise app, perform the following steps:

  1. Launch PowerShell.
  2. Connect PowerShell to Microsoft 365.
  3. Enter the command:

    Connect-AzureAD

  4. Enter the admin credential in the prompt.
  5. Enter the command:

    Get-AzureADServicePrincipal -SearchString Migration

  6. Look for the ObjectId of the app you want to remove and enter the following command: Remove-AzureADServicePrincipal -objectId <the object id>

MSPC Steps

Licensing

Licenses are required to run a migration project in MigrationWiz. For more information about obtaining a license pricing or purchasing licenses, click the Purchase button at the top of your MSPComplete or MigrationWiz dashboard.

Payment: We accept credit cards, and wire transfers in certain situations.  

  • When purchasing with a credit card, payment is immediately processed during checkout. If successful, licenses are granted to your account instantly.
  • Wire transfers are available for purchases of 100 or more licenses. If you purchase at least 100 licenses, you will be presented with an option to purchase via wire transfer during checkout. A wire transfer checkout will generate an invoice with wiring information for your accounts payable department and bank. Once the system receives the funds, the licenses are granted to your account immediately. 

For this project type, we recommend using our User Migration Bundle licenses. 

Purchase Licenses

  1. Sign in to your BitTitan account. 
  2. In the top navigation bar, click Purchase.
  3. Click the Select button and choose the license type you need.
  4. Enter the number of licenses you want to purchase. Click Buy Now.
  5. Enter a Billing address if applicable.
  6. Click Next.
  7. Review the Order Summary and enter a payment method.
  8. Click Place Your Order.

These licenses enable you to perform multiple migrations of documents and in-place archives.

User Migration Bundle Licenses have unlimited data available per license. User Migration Bundle Licenses are applied to the customer's users, for whom you perform migrations, and are valid for one year.

Read the Licensing FAQ article for more information.

MigrationWiz Steps

Create a Document Migration Project

  1. Click the Go to My Projects.
  2. Click the Create Project.
  3. Create a Document project.
  4. Click Next Step.
  5. Enter a Project name and select a Customer.
  6. Click Next Step.

Endpoints

Endpoints are now created through MigrationWiz, rather than through MSPComplete. The steps for this section outline how to create the endpoints in MigrationWiz.

Consider that you can only see ten endpoints in the drop-down when choosing an existing endpoint. If you have more than ten, you may need to search. Endpoint search is case and character-specific. For example, Cust0mer will not show up if the search is customer. We recommend keeping a list of endpoints you have created, with any unique spellings or capitalization you may have used.

You may either use existing endpoints or create new ones. 

Create a Source Endpoint

  1. Click Endpoints.
  2. Click Add Endpoint.
  3. Select Google Drive (own service account).
  4. Select the JSON file created in the steps above and enter the Super Admin username and password for the source.
  5. Enter the Google admin account email address. This account has an admin access level to the Google admin portal. Please note that this admin email should match the end-user domain.
  6. Click Add.

Create a Destination Endpoint

  1. Click Endpoints.
  2. Click Add Endpoint.
  3. Select OneDrive for Business.
  4. Enter the requested information. When entering the Azure Storage Account Name for the destination endpoint, use only numbers and lowercase letters. If you enter an upper case letter, your migration will fail.
  5. Click Add.

Add Users

Add the user accounts that will be migrated to the project. MigrationWiz allows you to bulk import users into the system.

Important

For OneDrive endpoints, the email address must match the current User Principal Name of the user in the tenant)

Use the Bulk Add option for large migrations, or the Quick Add for smaller migrations. 

Quick Add
This option allows you to add items one at a time. To do so, you only have to provide an email address if you entered administrative credentials when setting up the project. If you did not, enter the following user information:
  • An email address
  • Login name
  • Password
  • Mailbox status
Bulk Add

Bulk Add uses a CSV containing the source and destination email addresses for the users to add the users to the project. If migrating only a specific group from a tenant, we recommend using the Bulk Add option.

MigrationWiz allows you to bulk import mailboxes into the system.

To import one or more mailboxes:

  1. Sign in to your MigrationWiz account.
  2. Select the Project for which you want to perform the bulk import.
  3. Click Add.
  4. Click Bulk Add.
  5. Follow the instructions on the page.

Add Advanced Options

Support Options

There are no spaces on either side of the "=" sign, and the entries are case-sensitive, so pay special attention to the capital letters in the commands detailed below.

  • InitializationTimeout=8
    • This increases the initialization timeout window to eight hours. 
  • IncreasePathLengthLimit=1
    • Use this Advanced Option in MigrationWiz to enable the use of 400 characters for the file path name.
  • RemoveExistingPermissionsWhenUnspecified=1
  • ShrinkFoldersMaxLength=300 (optional but recommended)
    • See SharePoint & OneDrive Migration FAQs. We recommend that you set this Advanced Option as ShrinkFoldersMaxLength=300
    • This option can be set to a higher or lower value, depending on what is acceptable to the customer.  The value is dependent upon the following criteria: the file system data, the email address that is a part of the folder path (collection root), and the domain name for permissions, etc. However, using 300 should keep a good security range to manage all edge cases, and it provides a very reasonable limit. This option should be enabled on a case-by-case basis.
    • We recommend you create a project specifically for when this option is required. Within this project, add the Advanced Option: ShrinkFoldersMaxLength=300 and then move files that get "path too long" errors into this project.
    • If a former migration has been performed without the option on, then the storage will need to be reset at the Destination, otherwise, both file system structures will appear at the Destination.
    • The dynamic mapping may vary, and the Destination may have two different file systems represented if a user modifies the Source file system folder structure (such as renaming, removing, or creating a new folder) between two passes using this Advanced Option.
    • If multiple folders are truncated at 10 characters in the same parent folder, they may be merged into a single one if the first ten (10) characters are identical.
  • DocumentBrowsingMode=FullCopy

    • Scans “My Drive” for the source address in your migration project.
    • Migrates all folders and files in "My Drive" regardless of ownership.
    • The owner of folders and files migrated from MyDrive changes to the destination OneDrive user. There is no current option to avoid this.
    • Documents and Document permissions must be migrated together in the first pass for permissions to be applied properly.
    • In case you remove it and do not use "DocumentBrowsingMode=Moderate" in the Project advance options. This option will not be able to migrate items from folders under My Drive NOT owned by the user resulting in missing items. See Google Drive Migration FAQ for more details.
  • IgnoreConflictingFiles=1
    • Set this value to skip the FileAlreadyExists exception in the One Drive.
  • DestPersonalSiteIsProvisioned=1
    • MigrationWiz will use App-based authentication for OneDrive personal site retrieval.
  • MapPermissionEmailByPairsInProject=1
    • Permissions generally cannot be migrated unless the prefix of the mail address is the same in the source and the destination. However, choosing the Support Option. MapPermissionEmailByPairsInProject=1 will allow permissions to be migrated without identical mail addresses.
    • If you have split all the Google Drive accounts across different MigrationWiz projects, use the Support Option MapPermissionEmailByPairsInCustomer=1 instead to use the mapping of all users across all projects.

If the migration project is a long-term project, an Advanced Option may be necessary during the final migration pass to verify the previously migrated items. For more information contact Support.

Notifications

  • Send successful migration and notification to: 
    • Source email address in case users are still using G Suite Gmail.
    • Destination email address if users are already using Microsoft 365.
  • Customize notification email: Checkmark the Customize "successful migration" email Add your own customization text and company name to this email.
  • Notifications are not mandatory for a successful migration.  Notifications should only be set up before the final pass. Please consider the following cases:
    • If performing a Single or  Full pass, set this up now.
    • When following a Pre-Stage migration strategy, only set this up before the final Full (Delta) pass.

Run Verify Credentials

  1. ​Sign in to your MigrationWiz account​.
  2. Open the Project containing items to validate.
  3. Select the items to validate.
  4. Click the Start button in your dashboard.
  5. Select Verify Credentials from the drop-down list.

Once complete, you can check the verification results in the Status section.​ 

Notify Users

Notify users that a migration is occurring. Send an email to all users telling them the time and date of the migration.

Run Migration

Pre-Stage pass

  1. Select the users to migrate.
  2. Click the Start button from the top.
  3. Select Pre-Stage Migration.
  4. Under the Migration Scheduling section, from the drop-down list, select 90 days ago.
  5. Click Start Migration.

Full (Delta) pass

  1. Select the users.
  2. Click the Start button from the top.
  3. Select Full Migration.
  4. Click Start Migration.

Run Retry Errors

Look through the user list and click any red "failed migration" errors. Review the information and act accordingly.

If problems persist contact Support.

Request Statistics

Click the pie chart icon in the MigrationWiz dashboard to receive an email containing all the project migration statistics.

Was this article helpful?
3 out of 6 found this helpful