This migration guide explains the process of migrating a OneDrive for Business instance in O365 to another OneDrive for Business instance in O365. The process in this guide does not support the migration of versions or metadata. The Source and Destination must be OneDrive for Business - not the personal OneDrive version.
Review ALL steps and dropdown lists carefully and ensure all the prerequisites are met before beginning the migration.
For more information on OneDrive migrations, it is recommended to review our FAQ.
If you wish to perform this migration to include versions and metadata, use the following migration guide instead:
OneDrive to OneDrive for Business (with Versions and Metadata) migration guide
If you are performing a GCC High/China migration, use the following migration guide instead (This scenario does not support versions or metadata at this time):
OneDrive for Business to OneDrive GCC High/China Migration Guide
Note that OneDrive data may not be accessible for a few days after migration, due to OneDrive's crawling and indexing process. We suggest having your users log in immediately after migration, but warn them that their data may not be available immediately. For this reason, it may be best to complete the migration on a Friday so the indexing can happen over the weekend.
If you are migrating to a Microsoft 365 Small Business Tenant account, the processes will be very similar. However, you will not be able to use admin credentials for your Destination endpoint and will instead be using end-user credentials.
This endpoint does not support personal site provisioning for user OneDrives in the destination tenant. Microsoft has provided steps to perform site provisioning using PowerShell outlined in the following Microsoft doc. (These steps will need to be completed before any job is submitted in the MigrationWiz project):
Pre-provision OneDrive for users in your organization
Due to versioning that is created by default in the destination OneDrive when applying permissions, storage usage in OneDrive may be increased.
If migrating from GoDaddy, additional steps will need to be taken. See the following for a supplement of those steps: GoDaddy-Hosted Office 365 to Microsoft O365 Migration Guidance
On-Premise OneDrive for Business is not supported.
We’ve created a guide on scoping, planning, and managing the migration process for your use. If this is your first migration, we recommend reading this guide carefully.
MigrationWiz is a migration tool, not a syncing tool. With this migration scenario, if changes are made at the source after migration, they will not sync to the destination with subsequent migration passes, nor will changes made at the destination sync to the source. We do not have “live” monitoring of changes (as with a sync agent) and we cannot handle scenarios such as conflict resolution without user interaction.
MigrationWiz supports the capability to share migration projects across a Workgroup. When the Project Sharing feature is turned on, all Agents besides those who are Inactive can view all migrations projects.
We are not able to support migrations with two-factor or multifactor authentication applied to the administrator accounts being used in the project. This does not apply to the user accounts being migrated.
- Shared Folders
- Permissions (Granted by Direct Access only)
- Code Files
- Audio Files
- Original metadata and BitTitan migration metadata (author, editor, created time, modified time, name, file size, type, MigrationWizId, MigrationWizPermissionId)
- Document attributes (Created by (person) and (time)
- Modified by (person) and (time))
- Versions & Metadata migrations only: Creation Date
- Non-Versions & Metadata migrations:
- Creation date (Creation date gets changed to the "date of migration" date)
- Version history
- Links giving access permissions
- Shared permissions for files/folders with symbols in name
- Both options require a Global Administrator for the configuration steps.
- Of the two options available, the more recommended is the App-Based Authentication, as it is more secure and incurs less throttling during the migration. This option also has the benefit of not requiring the account being used to migrate the data to have any administrator roles assigned to it.
BitTitan uses app-based authentication for SharePoint, OneDrive for Business, Microsoft 365 Groups (Documents), and Teams migrations. This provides greater security and reduces the potential of Microsoft throttling. It replaces the previous Microsoft 365 authentication, which has been subject to increased throttling by Microsoft. This app-based authentication method is specific for Microsoft 365 tenants. Using this option, including steps for uninstalling, can be found outlined here: App based authentication using Application Permissions for SharePoint and OneDrive Migrations
Full-Control vs Read-Only
Why does the source require consent to a Full-Control application permission?
All AMR migrations require full-control permission. If you have a specific need to not allow full-control permissions, you can use MigrationWiz-SharePoint-ReadOnly (only for the source). However, please note that with read-only permissions, MigrationWiz will not export document permissions, versioning or metadata, and cannot use AMR. Additionally, OneNote files will be migrated, but will not contain content, due to a lack of permissions when preparing the files to migrate.
Steps for enabling app-based authentication permissions
- Ensure you are signed in as a Global Admin.
Go to MigrationWiz-SharePoint-FullControl and consent to the app access when prompted. Once you click on Accept, you will be redirected to the BitTitan login page. This is normal and the page can be closed.
Create a new security group named MigrationWiz in the Office 365 Admin Portal. (The name of the security group must be an exact match)
Create a new user that is not having data migrated in the project. This account does not require any administrator roles to be assigned. (If you already have an existing user, that should be fine)
Add the new (or existing) user to the previously created security group as a Member (Adding as an Owner will not work here).
Create MigrationWiz project.
When creating the source and destination endpoints, enter the user credentials for the user in step 4 that corresponds with the endpoint the user belongs.
- Add the support option UseApplicationPermission=1 to the advanced options of the MigrationWiz project under Support Options.
Create an Administrator Account to use Delegated Authentication
The easiest approach to follow is to use the global administrator account that was set up at the time of tenant creation. However, if you do not wish to use this global admin account during migration, then a new user account can be created instead. This will then need to have a license assigned that includes OneDrive for Business and be granted Site Collection Administrator privileges to the user OneDrives being migrated in the project. Using this option, including steps for uninstalling, can be found outlined here: Using Delegated App Permissions
Important: We strongly recommend that you use an administrator account that isn’t one of the users being migrated, as it can cause issues with missing shared permissions.
Create a user in Microsoft 365 and assign a license that includes OneDrive for Business. For step-by-step instructions, see the Microsoft article Add users individually or in bulk to Office 365.
Set the administrator privileges. Grant one of the permission levels listed below to the user account to be used as the administrator for the endpoint in the project.
Global Administrator. Microsoft has instructions to set these permissions here: Assign admin roles.
Site Collection Administrator. For specific permissions and project settings to be used with a Site Collection Administrator, see MigrationWiz Permission Requirements.
Add the support options UseApplicationPermissionAtSource=0 and UseApplicationPermissionAtDestination=0 to the advanced options of the MigrationWiz project under Support Options.
- Ensure you are signed in as a Global Administrator account in the tenant.
- Go to MigrationWiz-SharePoint-Delegated and consent to the app access when prompted. Once you click on Accept, you will be redirected to the BitTitan login page. This is normal and the page can be closed.
After you perform these steps, the specified user will be visible in the Microsoft 365 administrator center. Full provisioning of the user account can take up to 24 hours.
Preparing the Source
- Users being migrated need to be licensed to use OneDrive in the source tenant
- Users being migrated must not be blocked from signing into the source tenant
- Source OneDrives must not be set to read-only (This is initially for setup. Steps for setting up for read-only can be found under the Run Verify Credentials section later in the guide)
- If electing to use Delegated Authentication (outlined under Administrator Permission Options above) for the administrator account performing the migration, it must be set as Site Collection Admin of the source OneDrives
Export the migrating user list to a CSV file
This can be used when bulk-adding users to your MigrationWiz project later. You can copy and paste the user list into the Source and Destination Email columns within your MigrationWiz project dashboard under Add > Bulk Add.
To export the user list:
- Go to the Microsoft 365 admin portal.
- Click Users.
- Click Active Users.
- Click Export.
- Click Continue.
Be sure to save the csv somewhere you can access it for upload of users into the migration project
Preparing the Destination
- Users being migrated need to be licensed to use OneDrive in the destination tenant
- Users being migrated must not be blocked from signing into the destination tenant
- Destination OneDrives must not be set to read-only
- If electing to use Delegated Authentication (outlined under Administrator Permission Options above) for the administrator account performing the migration, it must be set as Site Collection Admin of the Destination OneDrives
Prepare Azure Environment for Destination Endpoint
An Azure Storage account is required when creating the destination endpoint for this project type (steps for setting up the endpoints are listed later in the guide)
Using Microsoft-provided Azure storage
If you are migrating more than approximately 5 GB per user in the project, we then recommend using your own Azure Azure storage for this migration. See Using your own Azure storage below for steps to set up your own Azure Storage.
Using your own Azure storage
If you plan to use your own Azure storage, refer the following steps to prepare your Azure environment. We recommend that you create your Azure storage account in the same Microsoft data center as the destination Office 365 tenant. You do not need to create any Azure containers for this migration.
- Estimate Azure storage costs. This step is optional but is useful in order to provide the customer with up-front storage costs ahead of time.
- Buy an Azure subscription (or use the free one-month trial, and be aware that this option is only viable if you are performing a very small migration).
- Create an Azure storage account. You will need to set up a STORAGE (General Purpose v2) account rather than a storage blob.
- Take note of the storage account name and the primary access key. (In Azure, from the storage screen, click Manage Access Keys at the bottom of the screen.) These need to be entered into the MigrationWiz migration project when specifying the destination settings.
To create the Azure storage account:
- Visit the Azure portal.
- Click New.
- Select Storage > Storage account.
- Enter a name for your storage account.
- Choose Resource manager for the Deployment model.
- Choose STORAGE (General Purpose v2)
- Record the storage account name (-accesskey, example: “accountname”) and primary access key (-secretkey, example: “W1RrDfkPNkfYfdVqizMNJjn5mXchwMP5uYBY8MsMqWTA7EubG911+4fZlki0Gag==”)
- In the Replication field, select Locally Redundant Storage (LRS).
- Select the subscription in which you want to create the new storage account.
- Specify a new resource group or select an existing resource group.
- Select the geographic location for your storage account.
- Click Create to create the storage account.
Now the storage account appears in the storage list.
Create a Document Project
Log in to MigrationWiz.
Click the Go to My Projects button.
Click the Create Project button.
Select the Document project type.
Click Next Step.
Enter a Project name and select a Customer. (If no customer exists yet other than the Default customer. Click on New and create a customer for the project)
Click Next Step.
Select endpoints or follow the steps below to create new endpoints.
Endpoints are now created through MigrationWiz, rather than through MSPComplete. The steps for this section outline how to create the endpoints in MigrationWiz.
If you are selecting an existing endpoint, keep in mind that only ten endpoints will show in the drop-down. If you have more than ten, you may need to search. Endpoint search is case and character-specific. For example, Cust0mer will not show up if the search is customer. We recommend keeping a list of endpoints you have created, along with any unique spellings or capitalization you may have used.
To create a new Source Endpoint in MigrationWiz:
Click SOURCE SETTINGS
- Name the endpoint. It is recommended that the name of the endpoint be unique for the project.
Under Endpoint Type, select OneDrive for Business from the dropdown menu
Enter the administrator username and password in the proper fields.
To create a new Destination Endpoint in MigrationWiz:
Click DESTINATION SETTINGS
Under Endpoint Type, select OneDrive for Business
Select the radio button named OneDrive for Business (Office 365 User) - Documents and Permissions
Enter the administrator username and password in the proper fields.
Enter the Azure Storage Account Name and Azure Access Key (if using your own Azure storage) or select Microsoft-provided Azure Storage. If entering the Azure Storage Account Name for the destination endpoint, only numbers and lowercase letters can be used. If you enter an upper case letter, your migration will fail.
Click Add Endpoint.
Add Items to the Project
You can add the user accounts (also called "Line Items") that will be migrated into the project using the CSV file created in the Preparing the Source section, click "Add" in the menu dashboard and select "Bulk Add".
If you're also running a Mailbox Project for the users that will be migrated here, you can use the "Add from MSPComplete" option. Verify the users are licensed in MSPComplete or in the Mailbox project before adding them.
Important: The user's Source and Destination address in the OneDrive project must match the current username (User Principal Name) for their account in the Microsoft 365 tenant or authentication errors may result. It may be necessary to edit the addresses in your MigrationWiz project after you have imported your users. This will be required if you have already applied the User Migration Bundle to an address that is not the User Principal Name. Read the Cannot Authenticate article for more information.
Applying User Migration Bundle licenses:
In your OneDrive project, make sure you are in the correct workgroup (this can be found in the upper left-hand corner).
Select the checkbox next to the users in your project that are to be assigned a User Migration Bundle license.
On the toolbar at the top of the project screen, select Apply Licenses
Select Apply User Migration Bundle License from the dropdown list.
If there is at least one unassigned User Migration Bundle license available for each selected user, click Confirm. Processing User Migration Bundle licenses can take time. Once the status under User Migration Bundle Active shows a status of Yes, the assignment of the User Migration Bundle license has been successfully applied.
Advanced Options & Support Options
Add the following Support Options by navigating to the Advanced Options of the project. Each individual Support Option includes the "=" character and is to be entered under the Support tab in the section named Support Options. To add additional blank fields for entering the Support Options, click on the "+" button.
InitializationTimeout=8 This increases the initialization timeout window to eight hours. This is especially useful for large migrations.
- DestPersonalSitesIsProvisioned=1 This option tells MigrationWiz that the destination OneDrives have been provisioned, as this migration scenario does not support MigrationWiz to provision OneDrives. This is mentioned near the beginning of the guide under OneDrive migrations.
- Migrations of over 15GB are now supported, but this must be set up in Advanced Options. These settings will prevent timeout errors when a Speedster import takes more than 10 minutes to complete.
- LargeFileMigrationsTimeout=7200000 (720000 value is an example; time is measured in milliseconds)
Required for Multi-Geo migrations: For custom non-standard URLs being used for the SharePoint Admin center in O365, add OneDriveProExportAdminUrl=<non-standard URL> (Source tenant) and/or OneDriveProImportAdminUrl=<non-standard URL> (Desination tenant). Replace "<non-standard URL>" with your custom URL (do not include the ") being used for the SharePoint Admin center.
Permission mapping for files and folders
The two Advanced Options outlined below function independently of each other. However, they are complementary options that can be used together. We suggest using MapPermissionEmailByPairsInProject as your primary auto-mapping option and then adding UserMapping to take care of any outliers and avoid interruptions to your migration.
Map Permission Email by Pairs
In scenarios where the prefix of the User Principle Names are to change during a migration, you will need to add the following for automapping of permissions based on the source and destination User Principle Names you have entered in the project. This option is only valid where OneDrive for Business is the destination.
Support Option: MapPermissionEmailByPairsInProject=1
Environment(s): OneDrive (Destination)
Migration Type(s): OneDrive as destination only.
Important: If you have user OneDrives migrating for the same customer in multiple projects, you must enter the following support option in each project instead of MapPermissionEmailByPairsInProject: MapPermissionEmailByPairsInCustomer=1
Description: When OneDrive is the destination, this option can be used to map permissions by pairs in the project. email@example.com to firstname.lastname@example.org.
Use the UserMapping advanced option when you want to customize the permission mapping for a user or group.
Please note that the destination user/group (email@example.com) must have been commissioned and be available at the destination document library before migration.
Run Verify Credentials
Open the Project containing the items you wish to validate.
Select the items you wish to validate.
Click on the Start button in your dashboard.
Select Verify Credentials from the drop-down list.
Once complete, the results of the verification will be shown in the Status section.
To lock (set to ReadOnly) the source OneDrive items prior to migration:
Make sure all OneDrive line items are not locked.
Run Verify Credentials pass for all OneDrive line items. This will add the provided credentials as a site collection administrator for these items.
You can now lock all the OneDrive line items.
Run a full migration pass.
Send out the final notification that the migration is beginning. Include when the migration will start, expected duration, any usage instructions during migration, and any expected steps or notifications for the post-migration timeline. Remind them to avoid modifying any documents at the Source, as this may cause corrupt data or an incomplete migration.
From the MigrationWiz interface: (Due to this migration type not supporting versions or metadata, the Pre-Stage pass is recommended)
Select the users you wish to migrate.
Click the Start button from the top.
Select Pre-Stage Migration.
Under the Migration Scheduling section, from the drop-down list, select 30, 60, or 90 days ago.
Click Start Migration.
Perform a Full Migration
Select the users.
Click the Start button from the top.
Select Full Migration from the drop-down list.
- Click Start Migration.
Addressing Project Errors
Look through the user list and click any red "failed migration" errors. Review the information and act accordingly.
If problems persist, contact using the steps outlined in this link: Support.
On the All Projects page in MigrationWiz, click the pie chart icon for the project you want to request a statistics report (far right-hand side of the page). An email containing all the project migration statistics will be sent to the BitTitan account for the project.
Post Migration Steps
Remove the Authentication App
To remove the BitTitan Enterprise app, perform the following steps:
- Launch PowerShell.
- Connect PowerShell to Microsoft 365.
- Enter the command: Connect-AzureAD
- Enter the admin credential in the prompt.
- Enter the command: Get-AzureADServicePrincipal -SearchString Migration
- Look for the ObjectId of the app you want to remove and enter the following command: Remove-AzureADServicePrincipal -objectId <the object id>
Click the bar chart icon in the MigrationWiz dashboard to receive an email containing all the project migration statistics. Read the How do I request statistics for my migration project? article for more information.
Decommission source accounts
To prevent users from inadvertently logging in and using their Source accounts, decommission their Source OneDrive for Business user accounts, or change their passwords.
Notify users once the migration has been completed. If you set the MigrationWiz Advanced Option for Notifications, they will receive an email upon migration completion. Assist them with setting up access to their OneDrive for Business accounts, and setting up their synchronization settings.