SharePoint : Migrating SharePoint Server from one domain to another

You have a Single Server farm and would like to migrate SharePoint server to a new domain



Step 1: Preparations before migrating servers:

1.Check if the SharePoint Central Administration’s Application Pool is running under Network Service or using a Domain Account

To verify:

a. Open IIS manager –>Expand Web Sites –> Right Click on SharePoint Central Administration –> Properties –> Home Directory Tab and then locate the Application Pool mapped

b. Right click on the Application Pool and then Click on then Identity Tab.

Note: If the Application Pool is running under Network Service then we can skip the next step.

2.  Create a new service account in the new domain (CONTOSO.COM)

3. Open SQL Management Studio and backup all the SharePoint related databases including configuration database.

Step 2: Making SharePoint Server a member server of a Different Domain

1. Right click on My Computer

2. Click on Properties

3. Under Computer Name click on Change…

4. Set it to Workgroup (Restart)

After the restart of the server, join the server back to the domain following 1 – 3 section however, pointing it as a member of new domain (CONTOSO.COM).

Step 3: Setting up Service Account Rights:

Add the newly created service account to the Local Administrator, WSS_WPG, WSS_ADMIN & IIS_WPG group

To do so follow:

1. Right click on My Computer

2. Click on Manage

3. Expand Configuration and then expand Local Users and Groups

4. Click on Groups and then from the right pane double click on the appropriate group as mentioned above and add the service account.

Step 4: SQL Permissions:

We have to setup appropriate permission for the new service account in order to make SharePoint Work.


1. Open SQL Management Studio and then connect to the server

2. Expand Security

3. Right click on Logins and select new login

4. Under Login name specify the new service account

5. Click on Server Roles and Check (DBCreator & SecurityAdmin)

6. Click on User Mapping and then Check the SharePoint related databases one at a time giving DB_Owner Rights.

Step 5: Updating Service Account:

To update SharePoint with the new service account we have to execute following commands on all the SharePoint Servers.

Open CMD and navigate to cd %commonprogramfiles%\Microsoft Shared\Web server extensions\12\Bin

1. stsadm -o updatefarmcredentials -userlogin CONTOSO\ServiceAccount -password NewPassword

2. stsadm -o updateaccountpassword -userlogin CONTOSO\ServiceAccount -password NewPassword -noadmin

3. stsadm.exe -o spsearch -farmserviceaccount CONTOSO\ServiceAccount -farmservicepassword NewPassword

4. stsadm.exe -o spsearch -farmcontentaccessaccount CONTOSO\ServiceAccount –farmcontentaccesspassword NewPassword

5.stsadm.exe -o editssp -title SharedServicesProviderName -ssplogin CONTOSO\ServiceAccount -ssppassword NewPassword

6. stsadm.exe -o osearch -farmserviceaccount CONTOSO\ServiceAccount -farmservicepassword NewPassword

Note: In case of WSS v3 point no. 5 & 6 is not applicable.


Step 6: Confirm Site loads:

Using the new farm service account attempt to load the SharePoint Central Administration, once it loads successfully attempt to load the Portal Site using the same account.

Step 7: Migrating User Accounts:

Warning: Before you begin ensure that we have migrated all the AD user accounts to the new domain.

Note: When a user is migrated in Active Directory, the Security Identifier (SID) changes for the user. Additionally, the logon information for the user might be changed. Windows SharePoint Services and Microsoft SharePoint Portal Server 2003 store user information based on both the user SID and the user logon information. When the user SID or the user logon information changes in Active Directory, Windows SharePoint Services must be updated with the new user information before the user can access Windows SharePoint Services successfully.

In order to map the old domain account to the new domain account in SharePoint execute following.

Open CMD and navigate to cd %commonprogramfiles%\Microsoft Shared\Web server extensions\12\Bin

Execute: stsadm -o migrateuser -oldlogin DOMAIN\user -newlogin DOMAIN\user -ignoresidhistory

Where OldLogin = User account from the old domain for e.g., FABRIKAM\SUSHRAO

And the Newlogin = Migrated user account CONTOSO\SUSHRAO


To migrate the Security Group

stsadm –o migrategroup –oldlogin Domain\group –newlogin Domain\group

Where OldLogin = security group from the old domain for e.g., FABRIKAM\HR

And the Newlogin = Migrated group CONTOSO\HR

Comments (15)

  1. Anonymous says:

    yes, how do you achiever for mutiserver farm? CAn you please answer that? Or it can’t be done?

  2. Anonymous says:

    I want to know a good way to warm up IP addresses for SMTP services, I am willing to pay for a proven methord? Akshat asked 16 hrs ago – 3 days left to answer I want to know a good way to warm up IP addresses for SMTP services, I am willing to pay for a proven methord we Need experts on SMTPs anyone who can warm IP addresses we are willing to pay or someone who can provide to us some warmed up IP addresses. we have tried some services but they were not very good PLEASE CONTACT ASAP

  3. Sunil says:

    Great Post!, neatly described.

  4. Bishan Ruder says:


    How does this work if you have multiple WFEs and APP servers in the Farm?

  5. Krishnamraju says:

    HI, seems to be fine,How to change the configuration DB servcice account?

  6. SP RickyRick says:

    How does this work if you have multiple WFEs and APP servers in the Farm?

  7. shrikant mane says:

    Very useful…

  8. Feroz says:

    These steps are applicable for SharePoint 2010 also?

  9. Chris says:

    I’m about to try and apply this to SP 2010 ….. wish me luck. The server has already been added to a new domain and thus broken SP

  10. Great Post says:

    Thanks a lot for this info

  11. Bhashwar says:

    Is it possible to move domain at any stage (dev, staging, or production)?

  12. Fbuul says:

    When you execute the command "stsadm -o updatefarmcredentials -userlogin CONTOSOServiceAccount -password NewPasswordIf", you get : "error updating the administration application pool credentials". Check the firewall settings on the computer 🙂

  13. Rupesh D. Singh says:

    Great Info!!

  14. Anku says:

    Thanks for sharing.
    Share, organise and discover information with Microsoft SharePoint. Read case studies, learn about SharePoint Online and discover Apps for SharePoint. To know more check

  15. Itmytybuster says:

    When i run the command fir stsadm -o … i get farm value cannot be null. Currently admin portal operational, the collections are not. Sharepoint 2010

Skip to main content