This section lists the minimum permissions required for Azure AD Administrative accounts to perform specific On Demand Migration tasks. You can use PowerShell to assign these roles to your Azure AD administrative account. All of the listed roles are required, but you can select any of the roles separated by -OR-.
Product Feature | Minimum Permissions for source | Minimum Permissions for target |
---|---|---|
Exchange Online processing (Exchange Online license must be assigned) | ||
Address Rewriting |
Transport Rules Remote and Accepted Domains Distribution Groups Security Group Creation and Membership |
Transport Rules Remote and Accepted Domains Distribution Groups Security Group Creation and Membership |
Calendar sharing |
Federated Sharing |
Federated Sharing |
Discovery |
View-Only Recipients -OR- Mail Recipients |
|
Account Migration |
View-Only Recipients -OR- Distribution Groups |
Security Group Creation and Membership Mail Recipient Creation |
Mail Migration |
ApplicationImpersonation |
Mail Recipients ApplicationImpersonation |
Mailbox Switch |
Mail Recipients ApplicationImpersonation |
Mail Recipients ApplicationImpersonation |
Mailbox Permissions Migration |
Mail Recipients | Mail Recipients |
Azure AD Roles | ||
Account Migration (guest users migration) |
Guest inviter | |
Resource processing |
Guest inviter | |
SharePoint Roles (SharePoint license must be assigned) | ||
OneDrive Migration (provisioning only) |
SharePoint administrator |
You can use collections to streamline the migration process. There are two approaches:
To create a new collection based on selected accounts:
To create a new empty collection and then populate it with accounts:
You can populate any existing collection using a comma-separated values (CSV) file with account attributes.
|
NOTES:
|
To populate collection from CSV file
userPrincipalName,email,objectID
Example@testexample.onmicrosoft.com,Example@testdomain.com,d6801a8b-5cb1-48f4-9757-4465564c5c63
The collection is populated. You can see added objects on the Collection Dashboard.
|
NOTE: The objects that do not exist in the source and/or target tenants and the source accounts that are not enumerated during the Discovery are ignored without producing an event. |
To export the mapping as a comma-separated values (CSV) file, select objects in the grid and click
You can customize this file and use it as a base for manual mapping.
© 2021 Quest Software Inc. ALL RIGHTS RESERVED. Feedback Terms of Use Privacy