JumpCloud Office Hours: Join our experts every Friday to talk shop. Register today

Migrating a Windows Machine from Active Directory®



For many JumpCloud customers, a major milestone in adopting the Directory-as-a-Service® platform is completing the migration of their Windows® machines from Microsoft® Active Directory® (AD) to JumpCloud. The JumpCloud Solutions Architecture team created a new tool, the AD Migration Utility (ADMU), to streamline the process. The following tutorial video shows you how to migrate an individual Windows machine into JumpCloud, which we will break down in this blog.

The ADMU can be used in two ways: through a graphical user interface (GUI) or run via the PowerShell command line. The GUI is used to migrate individual Windows systems, which is the subject of this blog; PowerShell commands are used to migrate profiles en masse.

To use the ADMU download it from our GitHub repo. Once downloaded, the ADMU must be run as an administrator. Please note that the ADMU console window must remain open during the duration of the migration. When running, the ADMU looks like this:

The migration process can be broken down into four steps, which are outlined in the ADMU GUI itself.

  1. Select the Domain Account to migrate.
  2. Specify the local account username to migrate the Domain Account to.
    – NOTE: The local username must match the existing JumpCloud account username
  3. Enter the JumpCloud system connect key and select system migration options.
    – The system connect key can be found when adding a new Windows system in the JumpCloud admin console.
    – At this point, admins can also choose between 4 additional migration options. Although optional, each of these options are recommended for complete migration in a single click:
    1. Accept EULA
    2. Install JC Agent
    3. Leave Domain
    4. Force Reboot
  4. Click the Migrate Profile button.
    – The button is unclickable until the three steps above are complete.

Once the ‘Migrate Profile’ button is clicked, the ADMU creates a new local user on the individual system using the credentials entered into the GUI. During this process, the ADMU also automates the process of porting files and settings from the domain account to the new local account.

At this point, the ADMU forces the system out of the domain. Please note again that the ADMU console cannot be closed at all during migration. The console runs its prescribed scripts, creating the jcAdmu.log file in the system’s temporary folder. After a couple of minutes, the migration is complete and the JumpCloud system agent installed.

After this, all you need to do is bind the proper JumpCloud user to the newly migrated system, which is added to the JumpCloud admin console, and the process is complete.

Your domain-bound Windows system has now been migrated from AD to JumpCloud. If you have any questions, feel free to contact us to learn more.


Recent Posts
Migrating clients off Active Directory and to a cloud directory service doesn’t have to be difficult. Check out our free tool, the ADMU.

Blog

Migrating Clients Off Active Directory

Migrating clients off Active Directory and to a cloud directory service doesn’t have to be difficult. Check out our free tool, the ADMU.

By adding MFA to VPN connections through RADIUS, IT admins can rest assured that their remote user access is secure. Try JumpCloud free.

Blog

Setting Up VPN MFA to Secure Remote Workers

By adding MFA to VPN connections through RADIUS, IT admins can rest assured that their remote user access is secure. Try JumpCloud free.

In an ideal world, MSPs could leverage a group policy object analogue across all three operating systems. Are there cross-OS GPOs for MSPs?

Blog

Group Policy Objects (GPOs) for MSPs

In an ideal world, MSPs could leverage a group policy object analogue across all three operating systems. Are there cross-OS GPOs for MSPs?