Thursday, December 10, 2015

Migrating local users from one windows computer to another (2003 to 2008 32 bit)

This is for local users. I think you can do some domain things as well with these tools, but it's not my particular case today. Also, there are newer ways of doing this with PowerShell, but I've used this method to move from Windows 2000 to 2003 before, and today from 2003 to 2008 32 bit. We can't use a newer version because of incompatibility of CopyPWD with 64 bit.

Also, the official version of CopyPWD works for 2003 and older, but for 2008 32 bit, use the v1.1 named copypwd2 that is available in the links on this forum post . Again, I have not been able to get this to work on 64 bit, not even with the service method, which to me seems flawed, but I tried to fix and also couldn't get it to work. Please tell me in comments if you do.

Get information from original server:

Addusers copies the user information, but does not copy passwords. Check options here . Run from an elevated prompt.

/d is dump

Addusers.exe /d users.txt

Open the file and you will users under [User], [Global] which I believe is not used, and Local Groups in [Local]

I delete everything except [User] for my purposes. Also, I open this in excel, and fill in a temporary password, otherwise I will get errors when creating the users, and save as a csv. Copy to the new server with the same executable.

CopyPWD copies the password hash - note you have to run this from a console session, not regular RDP. Either use a real console or establish a console RDP session, and an elevated prompt (note, if using TS with /admin , only the old version worked for me).

CopyPwd DUMP > copypwd.txt

This creates a file with all local users and a hash - sensitive information, by the way. Copy to the new server with the same executable and dll. Please note this has to be the file name, as the SET command doesn't take arguments as far as I saw from the instructions.

Apply information on new server:

Copy the output files and from an elevated prompt, first create the users:

/c is create
/p:e is passwords never expire, and implies l which is users do not have to change passwords. This is my particular case, you will have to figure out what switch to use in yours.

Addusers.exe /c Users.csv /p:e

You should see a lot of messages creating users, and your users, with their comments should be on the server now. Alas, they all have the temp passwords you set in the CSV. To set the password use the CopyPWD command again:

For CopyPWD the command is 


Please note the copypwd.txt with the password hashes has to be in the same directory. If the user existed on the server, this process set the old password. You can now try the local accounts. Also - I had to use the new version of CopyPWD at for this to work on Windows 2008 32 bit.

Hit me up on twitter if you have other problems @arielsanchezmor

1 comment:

  1. Very useful and knowledgeable information you have shared. Thanks for sharing with us.
    Windows 7 to 10 Migration
    SCCM Migrations