This is the complete onboarding task flow for migrating folders and documents from Google Drive to Private Cloud for Microsoft SharePoint Online. Complete each step in the order listed. Links to corresponding Knowledge Base articles are provided.
This is a one-to-many migration path. This means that data that belongs to one user will be migrated into a shared document library. This is a rare business case, because individual data would then be accessible by multiple people. This migration scenario is free and requires no MigrationWiz licenses.
If performing a Google Drive to OneDrive for Business migration, refer to the Google Drive to OneDrive for Business Migration Guide. This is the most common migration scenario for Google Drive migrations.
Items and folders in "Shared with Me" will not be migrated. Only items in "My Drive" will be migrated. To migrate "Shared with Me" items, they must be added to "My Drive".
MigrationWiz is a migration solution (not a synchronization solution) and will NOT propagate updates, deletes, or moves of the items previously migrated in the first migration pass because we do not have “live” monitoring of changes (as with a sync agent) and we cannot handle scenarios such as conflict resolution without user interaction.
This migration scenario will only migrate the content from the users' Google Drive accounts into the SharePoint Online document library. It will not migrate the permissions in the Source Google Drive shared documents. Make sure to deselect Document Permissions before submitting your migration pass.
MigrationWiz supports the capability to share migration projects across a Workgroup. When the Project Sharing feature is turned on, all Agents besides those who are Inactive can view all migrations projects. For more information, visit Project Sharing in MigrationWiz.
We are not able to support migrations with two-factor or multifactor authentication.
Prepare the Source Environment
Google Drive (Own Service Account) Endpoint
This endpoint requires your tenant service account to be set up and Google APIs be enabled. Follow the steps below to set up your environment for this endpoint.
Subscription to Google Cloud Platform.
Google Super Administrator account.
Ability to set up a service account on the G Suite tenant.
Service account must be set up before the MigrationWiz project is created.
Step 1: Create a Google Project:
Go to the Google Cloud Platform (GCP) Console and sign in as a super administrator. Choose one of the options below:
If you haven't used the Google Cloud Platform Console before, agree to the Terms of Service and click Create Project.
If you have used Google Cloud Platform Console before, at the top of the screen next to your most recent project name, click Down to open your projects list. Then, click New Project.
Enter a project name and click Create.
Step 2: Enable APIs for Service Account
From the Google Cloud Platform Console, click Menu > APIs & Services > Library.
Enable the following APIs by selecting the specific API and clicking Enable.
Repeat for each API listed below:
Google Drive API
Make sure that the respective services are enabled within the Google tenant. You can control services for your users using the instructions on this page: Control who can access G Suite and Google Services.
Step 3: Create Customer Tenant Service Account
From the Google Cloud Platform Console, click Menu > IAM & Admin > Service accounts.
Click Create Service Account and enter a name.
Assign the role of Owner to the new Service Account by selecting Owner from the Role drop down menu.
- You will now be returned to the "Service Accounts" page.
- On ‘Service accounts' page, click vertical ellipsis under 'Actions’ column for the service account created above.
Click + Add Key.
Click Create New Key.
Make sure that JSON is selected as "Key Type."
Make sure that you download the key as a JSON file and make a note of the name and location of the file. This JSON file will be used when setting up the migration endpoint in the Mailbox Migration project.
The JSON file must contain information in the following fields: “type”, “private key”, and “client email”. If these mandatory fields are empty the file upload during endpoint creation will fail.
Step 4: Setting the Scopes for the Migration
From the Google Cloud Platform Console:
- Click Menu
- Click IAM & Admin
- Click Service Accounts
- Find the service account that was set up in Step 3: Create Customer Tenant Account.
- Find the Unique ID field for that service account by clicking the Column Display Options button in the right upper corner above Actions and copy the ID number. This is the Client ID number that will be used in a later step.
- This field often needs to be added to the view. Click on the Column display options button and add a checkmark to Unique ID, then click OK.
- This Client ID should be considered similar to Administrator account passwords and handled securely.
- You will now have one of two options, depending on if the Google UI has been updated in your tenant.
Old Google Tenant:
- Go to the G Suite admin page at google.com
- Click on Security
- Click on Advanced Settings
- Click Manage API Client Access.
OR If your account shows the latest UI updates from Google, as shown below:
- Go to the G Suite admin page at google.com
- Click on Security
- Click Advanced Settings
- Under ‘Domain-wide delegation’, click Manage domain-wide delegation
- On the Manage domain-wide delegation page, click Add new
Once these steps are complete:
- In the Client ID field, paste the Unique ID copied above.
- In the OAuth scopes (comma-delimited) field, paste all scopes listed below:
- For source endpoint :
https://www.googleapis.com/auth/admin.directory.group.readonly, https://www.googleapis.com/auth/admin.directory.user.readonly, https://www.googleapis.com/auth/drive.readonly
- For destination endpoint (must include read-write scopes):
https://www.googleapis.com/auth/admin.directory.group, https://www.googleapis.com/auth/admin.directory.user, https://www.googleapis.com/auth/admin.directory.group.readonly, https://www.googleapis.com/auth/admin.directory.user.readonly, https://www.googleapis.com/auth/drive.readonly,
- For source endpoint :
- Click Authorize.
You should now see your specific Unique ID and the associate scopes listed.
Prepare the Destination Environment
- Create a SharePoint Online administrator or Site Collection administrator account to be used for migration, or use the global admin account for the tenant. Read the Manage administrators for a site collection article from Microsoft for more information.
- Create a SharePoint site.
Note: Make a note of the site URL where the document libraries will be stored. This will be entered when creating your MSPComplete Destination endpoint.
- Before beginning the migration project, create the structure of the document libraries, and also create the actual document libraries on the Destination SharePoint Online site.
Note: Refer to the Training: Introduction to document libraries video from Microsoft for more information.
- Set up the app-based authentication in the Office 365 tenant. For specific instructions, see Sharepoint App-based Authentication.
- Create the Document Migration project. Read the How do I create a new migration project?article for more information.
- Add the accounts (items) that will be migrated to the project. Read the How do I add items to my migration project? article for more information.
- Click Add and enter the email address of each Google Drive user for Source, and the corresponding document library name at the Destination that the Source documents will be migrated into.
- If the document library is named "Documents" and the URL is listed as "xxxxxx.sharepoint.com/Documents/", enter Documents as the document library name.
- If your document library is named "Documents" but the URL says "xxxxxx.sharepoint.com/Shared Documents/", the name of the document library that needs to be entered is Shared Documents.
Note: ‘/' characters are not supported in the destination library name. Attempting to migrate any destination library with a '/' character will result in a migration failure.
- Set the Project Advanced Options. Read the What project Advanced Options are available? article for more information.
- Under Support/Support Options add:
InitializationTimeout=8- This increases the initialization timeout window to eight hours. Read the Cannot get folders from My Drive article for more information.
RenameConflictingFiles=1- This automatically renames the files that have the same name. It will rename the files to their original file names, followed by a unique identifier hash so it does not interfere with the original name and search. Read the How do I migrate multiple files with the same name into OneDrive? article for more information.
Note: There are no spaces on either side of the "=" sign, and the entries are case-sensitive, so pay special attention to the capital letters in the commands above.
- Run Verify Credentials. Read the How do I verify credentials? article for more information.
- Notify users that a migration is occurring. Send email to all users letting them know the time and date of the migration. During this time, they should not modify any documents in their Google Drive accounts, because any modifications will not be included in the migration.
- Perform the migration. Read the How do I start a migration? for more information.
Important: Deselect permissions before migrating. If permissions are left checked, this will result in errors during your migration, because permissions cannot be migrated for this scenario.
- Click the bar chart icon in the MigrationWiz dashboard to receive an email containing all the project migration statistics. Read the How do I request statistics for my migration project? article for more information.
To prevent users from inadvertently logging in and using their Google Drive accounts, decommission the Google Drive user accounts, or change their passwords.