Migrate User and Computer to Azure AD
Microsoft needs to provide a command-line option or built-in feature that allows the ability to migrate existing AD user and computer objects to Azure AD.
- Hybrid join does not stay AAD joined if you remove from AD.
- Bulk enrollment only works for OOBE (new device) and not existing devices.
- USMT does not support AAD accounts, requires profile to be manually logged on first to create Windows Profile. There is no way to get the AAD user SID to try and pre-create profile for USMT.
There either needs to be a tool or built-in mechanism to "switch" from AD to AAD while converting the Windows Profiles so the user can simply log on with their password (still says John Doe, but now it is email@example.com instead of CORP\jdoe) and their profile is intact.
Currently the only way to accomplish this is a purely manual process of backing up the user profile, removing from domain, logging on with local admin, joining to workplace with user account, logging on as that user, then performing a user profile restore. Most organizations want a hands-free way of performing this kind of migration, where users show up the next day and simply log on, none the wiser.
Best option at the moment is to remove from AD, reboot and sign in as local admin. Join to AzureAD, reboot and sign in as the AAD user.
Finally, run ForensIT's ProfWiz tool to replace ownership of the local profile with the AAD user - it reboots and bingo you can log into your AAD user and have your profile intact.
Daniel Ward commented
Another scenario is moving user profile on an AAD joined machine to a new AAD joined machine. All of the options and tools I've found for this require using the cloud ... which simply isn't feasible for my situation.
Is this still the case?
Is there no automated way to migrate from AD to AAD while keeping the user profile?