Skip to content

Microsoft 365 E5 developer subscription cannot be reassigned, so this porject serves to help with data migrations between old and new subscription accounts with no platform dependency. Users and applications migrations are currently supported.

License

Notifications You must be signed in to change notification settings

daverbk/ms365e5-migrator

Repository files navigation

Microsoft 365 E5 Developer Program Data Migration

Problem Statement

Currently, Microsoft 365 E5 Developer Program subscriptions are bound to a single email address, and reassignment to another email is not supported. The challenge this creates is that, to preserve data when moving to another subscription account, devs must migrate it manually. The existing Microsoft Mover tool does not seem to support migrations from one MS 365 E5 subscription to another, that's why I've decided to create this app.

Features

  • Migrates users and applications from one MS 365 E5 Developer tenant to another.
  • Utilizes the Microsoft Graph API to perform data migration.
  • Configurable via a simple YAML file.
  • Easy to set up and run locally with minimal dependencies.

Prerequisites

  1. Java 17 or higher installed on your machine.
  2. Microsoft 365 E5 Developer Program Subscriptions: You need two MS 365 E5 subscriptions (one to migrate from and one to migrate to).
  3. Microsoft Graph API Application Registrations: Ensure you have appropriate migration application registrations permissions for both the source and destination tenants. It will be covered later in the readme.
  4. Admin Consent For Application Registrations Permissions: Admin consent must be provided for the required Graph API permissions manually.

Setup

  1. Set up Migration Application Registrations

You need to create applications in both the from and to tenants with appropriate Microsoft Graph API permissions:

  • From Tenant:
    • User.Read.All
    • Application.Read.All
  • To Tenant:
    • User.ReadWrite.All
    • Domain.Read.All
    • Application.ReadWrite.All

For detailed steps, refer to the official Microsoft documentation on setting up App Registration.

Don't forget to grant admin consent for the required permissions in both tenants. Refer to the Microsoft documentation for guidance on how to perform this step.

  1. Clone the Repository

Start by cloning the repository:

git clone https://github.com/daverbk/ms365e5-migrator.git
cd ms365e5-migrator
  1. Configure the Application

Open the application.yml file located in src/main/resources/ and edit the following fields with your specific tenant information:

migration:
    from:
        client-id: add client id of an app's registration of a tenant to migrate FROM here
        client-secret: add client secret of an app's registration of a tenant to migrate FROM here
        tenant-id: add tenant id to migrate FROM here
    to:
        client-id: add client id of an app's registration of a tenant to migrate TO here
        client-secret: add client secret of an app's registration of a tenant to migrate TO here
        tenant-id: add tenant id to migrate TO here
    user-password: add the default user password that will be set for all migrated users here

Note

The user-password must be set because the Microsoft Graph API does not allow retrieving user passwords. The password specified here will be assigned to all migrated users.

  1. Run the Application

After configuring the application.yml file, start the migration process by running:

./gradlew bootRun

This command initiates the migration of users and applications from the source tenant to the destination tenant.

Important Notes

  • User Passwords: The users' passwords will not be preserved after migration. This is because passwords are inaccessible via the Microsoft Graph API, which is used by the app.
  • License Information: The E5 license information for users will be preserved after the migration.
  • Global Administrator: The global administrator user will not be migrated. The app identifies a global administrator by the presence of assigned business numbers. While this method works for most basic development tenants, it may be error-prone if business numbers are assigned to non-admin users. This behavior is expected to improve in future updates.
  • Application Registrations: When application registrations are migrated, only one client secret will be retained, as only one secret can be created per app registration. This secret will be renewed during migration, and the new secret will be displayed in the console once the migration is complete. image
  • Application Permissions: An app will preserve permissions for migrated applications, but admin consent must still be granted manually for these permissions.

Contributing

Contributions are very welcome! If you would like to add support for migrating other entities besides users and applications, feel free to fork the repository and submit a pull request.

License

This project is licensed under the MIT License, see the LICENSE file for details. I would still encourage you to contribute to this public repo in case you see a way to improve the app.

About

Microsoft 365 E5 developer subscription cannot be reassigned, so this porject serves to help with data migrations between old and new subscription accounts with no platform dependency. Users and applications migrations are currently supported.

Topics

Resources

License

Security policy

Stars

Watchers

Forks

Languages