When mapping of on-premises AD Security Groups to the "Azure AD Object ID of the security group" and running migrations over Import API, you may run into the following error in the Import API Batch logs.
Progress] Importing User c:0t.c|tenant|22b2069e-8752-4e9e-ac53-c1c56ff2eba0.
[Warning] [-2130575276] [Microsoft.SharePoint.SPException] [The user does not exist or is not unique.]
As a result permissions for AD security groups do not migrate producing the exception "User does not exist or is not unique" error message in Content Matrix as seen in the screenshots below:
This was a known issue. This behavior does not apply when using CSOM migration without Import API.
This issue has been resolved in Content Matrix 9.3.0.1. Please update to the latest published version of the product if you are encountering the issue. If using a lower version of the product, the workaround is to use CSOM migration without Import API.
Note:
This KB article is addressing the limited impact of permissions (role assignments) not getting carried over for existing AD Security groups, assuming the AD security groups are already present in the destination, in this case Azure AD. Content Matrix is SharePoint migration tool and it does not create/migrate users or security groups to Azure AD. They have to be pre-provisioned or synced using AD connect or migrated using a third-party tool, before initiating content migrations.
© ALL RIGHTS RESERVED. Feedback Terms of Use Privacy Cookie Preference Center