
Revert ADMU Migration

Joe Workman edited this page Jun 26, 2024 · 3 revisions

Reverting Migration / Failed Migration

It is possible to revert an account migration manually. In some cases, an ADMU migration can fail if it is interrupted by antivirus software or by other means. If that happens, logging in to what should be the migrated account may display a Windows message stating "Can't sign into your account".


If Windows is unable to access the "NTUSER.DAT" file assigned to the account security identifier (SID), a temporary profile will be created. Files or changes saved to this account are removed upon logout.


Steps to revert Migration

To revert a migration (failed or successful), two files must be renamed and one registry key updated. During ADMU migration, backups of the original account's user hive files are created:

  1. C:\Users\UserToMigrate\NTUSER_original_2023-04-19-120351.DAT
  2. C:\Users\UserToMigrate\AppData\Local\Microsoft\Windows\UsrClass_original_2023-04-19-120351.dat

This backup step precedes the migration steps. If the backup of the original AD user's registry hive isn't made, the ADMU migration exits before modifying any files or the registry. Together, these two files represent the registry hive for the original AD user.

Rename Registry Hive Backup Files

The two backup files must be renamed to their original file names to allow the original AD user to log in:

  1. Rename C:\Users\UserToMigrate\NTUSER.DAT -> C:\Users\UserToMigrate\NTUSER_migrated.DAT
  2. Rename C:\Users\UserToMigrate\NTUSER_original_2023-04-19-120351.DAT -> C:\Users\UserToMigrate\NTUSER.DAT
  3. Rename C:\Users\UserToMigrate\AppData\Local\Microsoft\Windows\UsrClass.dat -> C:\Users\UserToMigrate\AppData\Local\Microsoft\Windows\UsrClass_migrated.dat
  4. Rename C:\Users\UserToMigrate\AppData\Local\Microsoft\Windows\UsrClass_original_2023-04-19-120351.dat -> C:\Users\UserToMigrate\AppData\Local\Microsoft\Windows\UsrClass.dat

In these locations, only the backup files should be renamed to NTUSER.DAT and UsrClass.dat, which Windows will reference when the user logs on.

Update Windows Registry Profile list

Open Registry Editor as an Admin

Navigate to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList

Identify the SID of the AD user who was migrated. In the screenshot, that user's SID is underlined and their ProfileImagePath is circled.

Change their ProfileImagePath to the original location of the user profile. In the screenshot, the ProfileImagePath is updated to C:\Users\ChetAtikns, which was the user's home profile path before ADMU migration.


Lastly, update the new local user SID to point to a null location so that the ProfileImagePath values are not in conflict. In the screenshot, the SID with the .bak suffix denotes the user profile that was signed in as a temporary profile. Its ProfileImagePath was updated to C:\Users\null to ensure it does not conflict with the AD user's.


If unbound from the domain, rebind

If the system was unbound from AD, bind the system back to AD to allow the AD user to log in.

At this point, you should be able to log in as the AD user using the AD credentials that were set prior to ADMU migration.
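The file renames and ProfileList updates described above can be scripted. The following is an added example, not part of ADMU or the original page: the parameter names are hypothetical, and it assumes the profile folder holding the backups is the AD user's original ProfileImagePath and that the backup timestamp and both ProfileList subkey names have already been identified by hand.

```powershell
#Requires -RunAsAdministrator
# Added example, not ADMU code. Run while the affected user is logged off.
[CmdletBinding(SupportsShouldProcess)]
param(
    [Parameter(Mandatory)] [string] $ProfilePath,  # e.g. C:\Users\UserToMigrate
    [Parameter(Mandatory)] [string] $Stamp,        # e.g. 2023-04-19-120351, from the backup file name
    [Parameter(Mandatory)] [string] $AdUserKey,    # ProfileList subkey (SID) of the AD user
    [Parameter(Mandatory)] [string] $LocalUserKey  # ProfileList subkey of the new local user (may end in .bak)
)
$ErrorActionPreference = 'Stop'
$profileList = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList'
$classDir    = Join-Path $ProfilePath 'AppData\Local\Microsoft\Windows'
$hives = @(
    @{ Dir = $ProfilePath; Live = 'NTUSER.DAT'; Backup = "NTUSER_original_$Stamp.DAT"; Migrated = 'NTUSER_migrated.DAT' }
    @{ Dir = $classDir; Live = 'UsrClass.dat'; Backup = "UsrClass_original_$Stamp.dat"; Migrated = 'UsrClass_migrated.dat' }
)

# Validate everything first so a missing backup or key aborts before any change.
foreach ($h in $hives) {
    if (-not (Test-Path -LiteralPath (Join-Path $h.Dir $h.Backup))) { throw "Missing backup: $($h.Backup)" }
    if (Test-Path -LiteralPath (Join-Path $h.Dir $h.Migrated)) { throw "Already present: $($h.Migrated)" }
}
$adKey    = Join-Path $profileList $AdUserKey
$localKey = Join-Path $profileList $LocalUserKey
foreach ($k in $adKey, $localKey) {
    if (-not (Test-Path -LiteralPath $k)) { throw "ProfileList key not found: $k" }
    # Record the current value so the change can be audited or undone.
    Write-Output ("{0} was {1}" -f $k, (Get-ItemProperty -LiteralPath $k).ProfileImagePath)
}

# Set the migrated hive aside, then restore the backup under the live name.
# -Force lets Rename-Item act on hidden files such as the hives.
foreach ($h in $hives) {
    $live = Join-Path $h.Dir $h.Live
    if (Test-Path -LiteralPath $live) { Rename-Item -LiteralPath $live -NewName $h.Migrated -Force }
    Rename-Item -LiteralPath (Join-Path $h.Dir $h.Backup) -NewName $h.Live -Force
}

# Point the AD user back at the original profile folder and move the local
# user's entry to C:\Users\null so the two ProfileImagePath values do not conflict.
Set-ItemProperty -LiteralPath $adKey -Name ProfileImagePath -Value $ProfilePath -Type ExpandString
Set-ItemProperty -LiteralPath $localKey -Name ProfileImagePath -Value 'C:\Users\null' -Type ExpandString
```

Running the script with -WhatIf first prints each rename and registry write without performing it, which is a quick way to confirm the paths and SIDs before committing.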
