This is the complete onboarding task flow for migrating folders and documents from Google Drive to Microsoft SharePoint Online.
This migration guide contains the necessary steps to perform the actual migration, but there are many steps to preparing for migration. If this is your first time performing a migration, we have created a Migration Planning & Strategy Guide to walk you through planning, set-up, and general migration best practices. If you have never performed a migration before, we suggest reading that before beginning the steps outlined in this scenario.
Some item types are not migrated. Click the bar below to expand the full list of what item types are and are not migrated. We are constantly working to create a better migration experience for you, so these items may change.
MigrationWiz is a migration tool, not a syncing tool. If changes are made at the source after migration, they will not sync to the destination, nor will changes made at the destination sync to the source. We do not have “live” monitoring of changes (as with a sync agent) and we cannot handle scenarios such as conflict resolution without user interaction.
Items and folders in "Shared with Me" will not be migrated. Only items in "My Drive" will be migrated. To migrate "Shared with Me" items, they must be added to "My Drive".
We are not able to support migrations with two-factor or multifactor authentication.
- Folders you have shared
- G Suite native files (except Google Forms)
- Code Files
- Audio Files
- Templates (files that the template had been applied to are migrated)
- Creation Date (Creation date gets changed to the "date of migration" date)
- Scripts/Macros (Scripts are not converted to macros when going to documents)
- Document History
- File/Folder permissions
- Items/folders in "Shared with Me”. These folders must be added to the user’s “My Drive” and Moderate Mode must be used in order to migrate these items/folders.
- Shortcuts (Migrated in Google Drive to Google Drive scenarios only.)
- Google Shared Drives (also known as Team Drives) are not supported
This is largely because Shared Drives use a different root folder than Google Drive does. Shared Drives also follow different organization, sharing, and ownership models, so the same methods used to migrate Google Drive will not work to migrate Shared Drives.
- Personal / Free Google Drive is not supported
- File/folder shortcuts
Google Vault (Source Only)
- Document libraries
- Site logos and customization
- Task lists
- Custom task
- Shared permissions for files/folders with symbols in name.
Step 1: Prepare the Azure Environment
If using Microsoft provided Azure storage, you can skip this section.
- Estimate Azure storage costs. This step is optional but is useful in order to provide the customer with upfront storage costs ahead of time. For more information, see Estimate Azure Storage costs for migrations:
Estimate Azure Storage costs for migrations
Several migration types require that you have an Azure account. These include Google Vault, PST, file server file share, and file server home directory migrations. In these migrations, data moves to Microsoft Azure Blob storage, and then MigrationWiz transfers the data to the Destination.
In these scenarios, you will incur a fee from Microsoft only for the Azure storage. Data transfer fees are only incurred with cross-region, and total egress, from Azure traffic. As explained below, there should be no outbound data transfer fees for this migration, because your Azure storage needs to be in the same region as the Destination tenant, for the migration.
If Office 365 is the destination, then MigrationWiz includes logic which checks for the region of the Destination tenant, and will then utilize migration workers only from that same region.
- Migrations will fail if the Azure storage containers are not in the same region as the tenant. This restriction has been enforced to prevent any outbound data transfer costs from being incurred during migration.
- If your Azure storage is in the same region as the tenant, then there will be no outbound storage fees, regardless of the number of transfers per project.
Below in an explanation of why the above logic has been implemented, in order to prevent outbound data transfer fees.
When does MigrationWiz transfer data more than once?
Under certain conditions, MigrationWiz will transfer data more than one time. These are some of the scenarios in which MigrationWiz will transfer data from your blob storage more than one time:
- Restarting a migration after the maximum error count is reached
- Restarting a migration after the maximum license consumption is reached
- Both of the above limits are set in the project's Advanced Options screen.
- Restarting a migration after a failed pass
- Restarting a migration after pausing it
In each of these scenarios, when you restart the migration, MigrationWiz starts from the beginning.
Visit the Microsoft Azure Pricing Calculator website to estimate your Azure storage costs.
- Buy an Azure subscription (or use the free one-month trial, and be aware that this option is only viable if you are performing a very small migration). For more information, see How do I buy an Azure subscription?
Purchase Microsoft Azure Subscription
A Microsoft Azure subscription grants you access to Azure services and to the Azure Platform Management Portal.
A Azure subscription has two aspects:
- The Azure account, through which resource usage is reported and services are billed.
- The subscription itself, which governs access to and use of the Azure services that are subscribed to. The subscription holder manages services (Azure SQL, Storage, etc.) through the Azure Platform Management Portal.
Visit the Azure Pricing Options page for more information on Azure pricing.
Visit the Microsoft Azure website for more information about Azure.
- See How do I create an Azure Storage Account?
How do I Create an Azure Storage Account?
How do I create an Azure Storage Account?
To create your storage account. You will need to set up a storage (General Purpose v1 or v2) account rather than a storage blob. Take note of the storage account name and the primary access key. (In Azure, from the storage screen, click Manage Access Keys at the bottom of the screen.) These need to be entered into the MigrationWiz migration project when specifying the Destination settings. We recommend that you create your Azure storage account in the same Microsoft data center as the Destination Office 365 tenant. There is no need to create any Azure containers for this migration. The access key information that is needed are these:
This is step-by-step instruction to create an Azure Storage Account using the legacy Azure Portal:
- Visit https://manage.windowsazure.com
- Go to Storage.
- Click New.
- Select Storage > Quick Create.
- Choose a URL for the storage.
- Select the location of the storage.
- In the Replication field, select Geo-Redundant.
- Click Create Storage Account.
- Now the storage account appears in the storage list.
This is step-by-step instruction to create an Azure Storage Account using the new Azure Portal:
- Visit https://portal.azure.com
- Click New.
- Select Storage > Storage account.
- Enter a name for your storage account.
- Choose Resource manager for the Deployment model.
- Choose Blob storage for the Account kind. If you are using the v2 endpoint for a document migration, you need to select STORAGEV2 (general purpose v2).
In the Replication field, select Read-access geo-redundant storage (RA-GRS).
Select the subscription in which you want to create the new storage account.
Specify a new resource group or select an existing resource group.
Select the geographic location for your storage account.
Click Create to create the storage account.
Now the storage account appears in the storage list.
- -accesskey – This is the Storage account name for the Blob – example “accountname”
- -secretkey - This is the access key for the Storage account – example “W1RrDfkPNkfYfdVqizMNJjn5mXchwMP5uYBY8MsMqWTA7EubG911+4fZlki0Gag==”
Step 2: Source & Destination Preparation
Prepare the Source Environment
Source endpoint: Google Drive (Own Service Account) Endpoint
This endpoint requires your tenant service account to be set up and Google APIs be enabled. Follow the steps below to set up your environment for this endpoint.
- Subscription to Google Cloud Platform.
- Google Super Administrator account.
- Ability to set up a service account on the G Suite tenant.
- Service account must be set up before the MigrationWiz project is created.
1: Create a Google Project:
Go to the Google Cloud Platform (GCP) Console and sign in as a super administrator. Choose one of the options below:
If you haven't used the Google Cloud Platform Console before, agree to the Terms of Service and click Create Project.
If you have used Google Cloud Platform Console before, at the top of the screen next to your most recent project name, click Down to open your projects list. Then, click New Project.
Enter a project name and click Create.
- When the new project creation completes, at the top of the screen next to current project name, click Down icon and select the newly created project name from the list.
2: Enable APIs for Service Account
- From the Google Cloud Platform Console, click Menu > APIs & Services > Library.
- Enable the following APIs by selecting the specific API and clicking Enable.
Repeat for each API listed below:
- Google Drive API
- Admin SDK
- Make sure that the respective services are enabled within the Google tenant. You can control services for your users using the instructions on this page: Control who can access G Suite and Google Services.
3: Create Customer Tenant Service Account
From the Google Cloud Platform Console, click Menu > IAM & Admin > Service accounts.
Click + Create Service Account at the top middle of the screen and enter a name.
Assign the role of Owner to the new Service Account by selecting Owner from the Role drop down menu.
Click Continue to move to the next step, then click the Done button.
- You will now be returned to the "Service Accounts" page.
- On ‘Service accounts' page, click vertical ellipsis under 'Actions’ column for the service account created above.
Click Create key
- Make sure that JSON is selected as "Key Type."
Make sure that you download the key as a JSON file and make a note of the name and location of the file. This JSON file will be used when setting up the migration endpoint in the Mailbox Migration project.
The JSON file must contain information in the following fields: “type”, “private key”, and “client email”. If these mandatory fields are empty the file upload during endpoint creation will fail.
4: Setting the Scopes for the Migration
From the Google Cloud Platform Console:
- Click Menu
- Click IAM & Admin
- Click Service Accounts
- Find the service account that was set up in Step 3: Create Customer Tenant Account.
- Find and copy the service accounts Unique ID number. This is the Client ID number that will be used in a later step.
- This field often needs to be added to the view. Click on the Column display options button and add a checkmark to Unique ID, then click OK.
- This Client ID should be considered similar to Administrator account passwords and handled securely.
- You will now have one of two options, depending on if the Google UI has been updated in your tenant.
- Go to the G Suite admin page at google.com
- Click on Security
- Click on Advanced Settings
- Click Manage API Client Access.
- Go to the G Suite admin page at google.com
- Click on Security
- Click Advanced Settings
- Under ‘Domain-wide delegation’, click Manage domain-wide delegation
- On the Manage domain-wide delegation page, click Add new
- Once these steps are complete, paste the Unique ID copied above in the Client ID field.
- In the Client ID field, paste the Unique ID copied above.
- In the OAuth scopes (comma-delimited) field, paste all scopes listed below:
- For source endpoint :
https://www.googleapis.com/auth/admin.directory.group.readonly, https://www.googleapis.com/auth/admin.directory.user.readonly, https://www.googleapis.com/auth/drive.readonly
- For source endpoint :
- Click Authorize.
You should now see your specific Unique ID and the associate scopes listed.
Prepare the Destination Environment
- Create a SharePoint Online administrator or Site Collection administrator account to be used for migration, or use the global admin account for the tenant. Read the Manage administrators for a site collection article from Microsoft for more information.
- Create a SharePoint site. Make a note of the site URL where the document libraries will be stored. This will be entered when creating your MSPComplete Destination endpoint.
- Before beginning the migration project, create the structure of the document libraries, and also create the actual document libraries on the Destination SharePoint Online site. Refer to the Training: Introduction to document libraries video from Microsoft for more information.
- Set up the app-based authentication in the Office 365 tenant. For specific instructions, see Sharepoint App-based Authentication.
Using App-based Authentication
BitTitan uses app-based authentication for SharePoint, OneDrive for Business, Office 365 Groups (Documents) migrations, and Teams migrations. This provides greater security and reduces the potential of Microsoft throttling. It replaces the previous Office 365 authentication, which has been subject to increased throttling by Microsoft. This app-based authentication method is specific for Office 365 tenants.
Important: This app must be added in both .microsoftonline.com tenants (Source and Destination) to reduce the throttling and failures due to Microsoft throttling policy changes.
If this app is not added on both tenants, MigrationWiz will attempt to create a temporary substitute app in the tenants to be used for authentication. We do not recommend relying on this substitute app creation, as this behavior will only be a temporary transitional behavior within MigrationWiz. To avoid potential interruptions or failures in migrations, it is strongly recommended to set the app up in the tenants.
The steps for creating and removing this app are below:
Add the App to the tenant
Visit the following URL and sign in as the administrator user:
For SharePoint or OneDrive migrations: https://login.microsoftonline.com/common/adminconsent?client_id=e7c20566-14a7-4722-acd1-396f7268ea1a&state=12345
Do this for both Source and Destination tenants.
Authorize the App for both Source and Destination tenants and Click on the Accept button on the fly-out.
Post Migration Steps
To remove the BitTitan Enterprise app, perform the following steps:
- Launch PowerShell.
- Connect PowerShell to Office 365.
- Enter the command:
- Enter the admin credential in the prompt.
- Enter the command:
Get-AzureADServicePrincipal -SearchString Migration
- Look for the ObjectId of the app you want to remove and enter the following command:
Remove-AzureADServicePrincipal -objectId <the object id>
Step 3: Set up MigrationWiz
The following steps will guide you through setting up your migration project in MigrationWiz. For all endpoints in this process, select or create the Google Drive (Own Service Account) endpoint.
Create New Project
- To create a new migration project:
- Click the Go To My Projects button.
- Click the Create Project button.
- Under Project Type, select Document Project. Document projects are used to migrate document drives from one cloud storage to another. Document migrations will maintain the folder hierarchy from the source to the destination.
- Enter a Project name and select a Customer. If you have not already added the customer into MSPComplete, you will need to click New to create the Customer.
- Click Next Step.
- Select the source endpoint from the Endpoint dropdown list, or create a new source Google Drive (Own Service Account) endpoint.
- Click Next Step.
- Select the destination Dropbox endpoint from the Endpoint dropdown list, or create a new Dropbox endpoint.
- Click Save and Go to Summary.
- On the Authorization page, click the Request Access Token button to open the Dropbox authorization page.
- Enter the email address and password for the Dropbox admin account and click the Sign In button. This generates the access token required by MigrationWiz for the MigrationWiz project and redirects back to the Authorization page of the MigrationWiz project.
- Click the Save Project button.
Add the accounts (also referred to as "items") that will be migrated to the project. There are several ways to do this.
MigrationWiz allows you to bulk import mailboxes into the system.
To import one or more mailboxes:
- Sign in to your MigrationWiz account.
- Select the Project for which you want to perform the bulk import.
- Click on Add.
- Click on Bulk Add.
- Follow the instructions on the page.
The Autodiscover process within MigrationWiz can be used to discover items from the Source environment, so that they can be imported into your projects.
There are few requirements in order for this to work:
- The Source has to be Exchange 2007 or later, or Office 365, or G Suite. If you are using Autodiscover from G Suite, all G Suite domains must be added to the list of domains in the Endpoint.
- The endpoint on the Source needs to use admin credentials.
- For mailbox migration projects, the admin account that is specified within the Source endpoint needs to have a mailbox associated with it.
- The admin mailbox must be listed in the public Global Address List (GAL).
- The migration project type needs to be a Mailbox migration. For the exact steps to be followed during your migration, refer to the relevant Migration Guide. All Migration Guides can be found on the Help Center site.
One additional item to note here is that there is not a way to restrict the IP addresses that the connection will come from. This means that the steps outlined in our IP Lockdown guide will not apply here. If your environment requires that any IP addresses be whitelisted, it is recommended that items be added to your project using on of the other available options.
Autodiscover of items will not work while using Modern Authentication
Autodiscovery exposes the following items:
- For mailbox migration, autodiscovery will list all mailboxes at the Source.
Steps to Run Autodiscover
Navigate to the project you want to import users into.
Ensure that you have created an endpoint for the source project.
Once in the project, on the top navigation bar, click on the Add drop-down, then select Autodiscover Items. This will begin the Autodiscover process.
Once discovered, click on the Import button, to import the items into your MigrationWiz project.
Set Advanced Options
Under Support/Support Options add:
InitializationTimeout=8- This increases the initialization timeout window to eight hours.
RemoveExistingPermissionsWhenUnspecified=1There are no spaces on either side of the "=" sign, and the entries are case-sensitive, so pay special attention to the capital letters in the commands above.
Set the Advanced Option to send a notification to end users after the migration pass completes:
- Notifications > Send successful migration and notification to: > Source email address (if users are still using G suite Gmail) or Destination email address (if users have already migrated from the G Suite gmail platform).
- Customize the notification email. Checkmark the Customize "successful migration" email box. Add your own customization text and company name to this email.
- Notifications should only be set up before the final pass. If performing a single, Full pass, set this up now. If you are following a Pre-stage migration strategy, only set this up prior to the final Full (Delta) pass.
Run Verify Credentials
You may verify the credentials of items in MigrationWiz without migrating data or consuming any licenses.
- Open the Project containing items you wish to validate.
- Select the items you wish to validate.
- Click on the Start button in your dashboard.
- Select Verify Credentials from the drop-down list.
Once complete, the results of the verification will be shown in the Status section.
Notify users that a migration is occurring. Send an email to all users telling them the time and date of the migration. During this time, they should not modify any documents in their Google Drive accounts, because any modifications will not be included in the migration.
Step 4: Run Migration
Perform the migration, using one of the following strategies. More information on each strategy is included in the Migration Planning and Strategy Guide linked in the beginning of this guide.
- Full Migration strategy. For small migration projects that are less than 50 users, we recommend a Full Migration strategy. This is a single, full-pass migration, and requires licenses. This migration selection will migrate all identified and supported items.
- Pre-Stage Migration Strategy: This strategy includes a Pre-Stage pass and a Full (Delta) pass. This migration selection will migrate all identified and supported items before the selected date. This migration option requires a license of the appropriate type.
Additional Migration Types
Trial - Free migration pass. This migration selection is used to test the migration server. It will migrate up to 10 items per folder or up to 5 MB of data per mailbox. A full migration with a license will pick up where the trial left off.
Verify Credentials - Free migration pass. This migration selection will test to make sure that the credentials being used for migration are correct and will allow a successful connection. No data is migrated.
Retry Errors - Free migration pass. Once a Full or Pre-Stage migration has completed successfully, Retry Errors can be run to retry only failed items.
For large migration projects that are more than 50 users, we recommend a Pre-Stage Migration strategy. This is a multiple-pass migration.
Recent changes to the Dropbox APIs prevent us from adding watermarks on files in the Destination Dropbox accounts. Therefore, if you perform a partial migration, reset the items in MigrationWiz, and then perform the migration again, you will end up with duplicate files at the Destination. If you must rerun the migration, we recommend that you first delete all files already migrated to the destination Dropbox accounts.
Once you have chosen your migration strategy:
Click on the name of the Project you want to run.
- Select one or more items to migrate by checking the box next to the item name. If you want to select all the items, click the checkbox to the left of Source Email.
- Click on the Start button and select the type of migration to run.
- If you want to delay your migration, then select the checkbox marked "Automatically start the migration at", and enter the date and time to have the migration start. To start a migration immediately, you do not need to select the scheduling option.
- Click Start Migration.
Click the pie chart icon in the MigrationWiz dashboard to receive an email containing all the project migration statistics.
- To prevent users from inadvertently logging in and using their Google Drive accounts, decommission the Google Drive user accounts, or change their passwords.
- Delete all the Azure containers used for this migration. This will prevent incurring post-migration Azure costs for these containers. Be careful to only delete the containers created for this migration.