Windows 7 - Migrate Local Profiles to Domain Profiles in 5 Steps and 5 Minutes Using Registry Tweak
Don't waste hours using time consuming profile migration tools when you can do it in minutes using a simple registry tweak. This technique can be used to migrate local profiles to domain profiles, domain profiles to local profiles, and domain profiles to domain profiles. It simply involves modifying a registry value and changing the permissions on the user directory and registry hives. In my example, I will be migrating a local profile on Windows 7 to a domain profile. My local user's account name is "user" and my domain user's account name is "tuser". The local user is part of the Local Administrators group. The Domain User is not part of the Local Administrators group, but it won't matter if it is (This tutorial was tested with UAC turned off.) If you or your company finds this tutorial useful, helpful, or time saving, please consider making a donation with the paypal link on the right. This helps with the authors time and hosting bills. Thanks
This has been tested on many production and test environments. In our test environment, here is a list of customizations and software installed and configured on the local user's account:
- Microsoft Outlook (Outlook Anywhere Account)
- Microsoft Outlook (POP Account)
- Google Chrome (All user version and user directory version)
- Microsoft Office
- Personalized profile (Custom background, Desktop Shortcuts, Favorites, Start Menu and Taskbar)
It is important to note that after you migrate the profile, the saved passwords in Outlook will be lost. This is not a big deal because Outlook will prompt you to enter the password when you launch it (and you do remember your email password, right???). You can use a tool like SIW.exe to retrieve the email passwords before you migrate. You should not receive any errors during or after these steps. If you do, leave a comment and we can try to help. If you are seeking professional remote or on-site support with this, we offer support as an hourly or project charge, depending on your setup. Contact us at support at itswapshop dot com for more info.
I have simplified the entire process into 5 easy steps. I also have a much longer step-by-step guide with pictures below. If this is your first time, I recommend following the full guide. If you are looking for a refresher, follow the quick guide.
Quick Guide - 5 Step Local to Domain Profile Migration:
- Join to Domain, restart, and then login as local user.
- Grant full permission on c:\users\local_user to domain user and make sure to check "Replace all child object permissions with inheritable permissions from this object".
- While still logged in as local user, open regedit and grant full control on the HKEY_CURRENT_USER key to domain user. Make sure to check "Replace all child object permissions with inheritable permissions from this object".
- Expand HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList. Each key here is associated with a user account on this computer. Go through each key and look at the "ProfileImagePath" string. Find the string for the local user and copy it. Paste it into the same string for the domain user. Now delete the entire key for the local user under the ProfileList key.
- Restart and login as the domain user.
It's as simple as that. If you want more details, here is the full guide:
Full Guide - Migrate Local Profile to Domain Profile in 5 Minutes:
1.) To begin, join the computer to the domain, reboot, and login as the local user (if you're not sure how to login as the local user after it's been joined to the domain, add the .\ prefix to the local users account name).
2.) In Explorer, right click on c:\users\local_user and choose properties. On the Security tab, click advanced:
3.) On the permissions tab, click Change Permissions. Click Add and enter the domain user account name (Since you are logged in as the local user, you need to provide domain admin credentials to assign the domain user full control permissions. Enter the domain admin credentials and click OK):
4.) Check Allow Full Control and click OK. Only check "Replace all child object permissions with inheritable permissions from this object" and click OK again. Click Yes on "This will replace explicitly defined permissions on all descendants of this object with inheritable permissions from local_user". Click OK on the "Advanced Security Settings for local_user" window and then on the "local_user Properties" window.
5.) Hold down the Windows Key and press "R" to open the run box. Type "regedit" in it and click OK:
6.) Right click on HKEY_CURRENT_USER and choose permissions. On the Security tab, click Advanced
7.) On the Permissions tab, click Add. Enter username of domain user and click OK (Since you are logged in as the local user, you need to provide domain admin credentials to assign the domain user full control permissions. Enter the domain admin credentials and click OK):
8.) Check Allow Full Control and click OK. Only check "Replace all child object permissions with inheritable permissions from this object" and click OK. Click Yes on "This will replace explicitly defined permissions on all descendants of this object with inheritable permissions from HKEY_CURRENT_USER". Click OK on the Permissions for HKEY_CURRENT_USER window:
9.) Expand the "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList" key (I recommend right clicking on the ProfileList key and clicking export to make a backup of it). Each Key under ProfileList corrosponds to a user account. If you select one of the keys, the Value of the String "ProfileImagePath" will show you what user account it is for. Find the local user and the domain user keys:
10.) For the local user's key, copy the ProfileImagePath String value, and paste it into the ProfileImagePath String Value for the domain user:
11.) Right Click on the local user's key and click Delete. Click Yes to confirm the deletion:
12.) You are finished. Restart and login as the domain user.