Copy Local user accounts with password from old file server to new file server

SplatMan_DK

Ars Tribunus Angusticlavius
7,794
Subscriptor++
The very very short answer is no.

Each user, policy and policy assignment has a unique ID and creating new entities on the new server will give them new IDs even if objects are named exactly the same (the name is not a key anywhere). This is also what happens if you do a simple copy.

That said, there are third party tools that can do this. I doubt their price tag is worth it for 50 accounts plus policies. But I haven't purchased such a tool for over a decade so perhaps prices have come down.

The two "by the book" ways to do this are:

1.) Re-implement manually

OR

2.) Don't create a new domain on the new server and copy objects. Instead, enroll it in the existing domain as a secondary domain controller. This will give it all the objects of the domain, and it will work even if the original domain is very old. When you have the objects you need, promote the new server as your new primary controller and decommission the old one. Then, finally, upgrade the domain itself to the latest version, and stop supporting the oldest AD versions.

I am sure you can find a guide on the net that describes this is much greater detail. It's really the proposed way to "upgrade" a domain.
 
  • Like
Reactions: continuum

Paladin

Ars Legatus Legionis
32,552
Subscriptor
The original post seems to imply a Windows Active Directory is not in use so... yeah. You should make a domain server (preferrably 2) and create the same-ish user accounts on the new domain, create groups as needed and assign the users to groups. Then provide permissions to the groups, test everything, make any needed adjustments and enroll all the PCs to the domain and start using the new accounts. Ideally, you might want to have new PCs joined to the domain and have users move to the new PCs so they just use the domain setup from the get-go on the new PCs.
 

oikjn

Ars Scholae Palatinae
969
Subscriptor++
yea... OP definitely sounds like its a workgroup situation :flail: I can't imagine a 50-user workgroup unless there is some crazy legacy application situation that has required a bunch of local user accounts for some reason I can't fathom (other than bad application design). if this is just a normal file server and its also running server 2012R2, what you really need more than anything is an SMB consultant to help you with a proper path forward for your system. Workstation + Server 2012R2 today almost assumes that there is also zero data backup/recovery either.