Erwin Bierens

Knowledge is Power

Error while moving user from SfB 2015 to SfB 2019 pool

2020-10-15 2 min read Skype for Business

Problem

When you attempt to move a user from a Skype for Business Server 2015 to 2019 pool but notice that it fails with the following error:

Failed while updating destination pool.

error moving user

PS C:\Windows\system32> Get-CsUser e.bierens@skypedev.nl |Move-CsUser -Target fe2019.skypedev.nl -verbose
VERBOSE: CN=ebi,OU=Accounts,DC=skypedev,DC=nl

Confirm
Move-CsUser
[Y] Yes  [A] Yes to All  [N] No  [L] No to All  [S] Suspend  [?] Help (default is "Y"): y
VERBOSE: Validating parameters for move operation.
VERBOSE: Calculating new server information for user [fe2019.skypedev.nl].
VERBOSE: Moving user [sip:e.bierens@skypedev.nl] across pools.
Move-CsUser : Failed while updating destination pool.
At line:1 char:32
+ ... skypedev.nl |Move-CsUser -Target fe2019.skypedev.nl -verbose ...
+                 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
	+ CategoryInfo          : InvalidOperation: (CN=ebi,DC=skypedev,DC=nl:OCSADUser) [Move-CsUser], MoveUserE
   xception
	+ FullyQualifiedErrorId : MoveError,Microsoft.Rtc.Management.AD.Cmdlets.MoveOcsUserCmdlet

Results from this operation can be found at "C:\Users\administrator\AppData\Local\Temp\MoveResults-99b5be4e-c844-4493-9a4b-6bebe01fe402.csv".

Solve issue

This has been a common issue in environments where a user’s user(security) object has Inheritance disabled on their Active Directory Account.

If this is the case, enabling it will correct the issue.

You can do perform a check in Active Directory to find for who inheritance is disabled:

Get-ADUser -Filter * -Properties nTSecurityDescriptor | ?{ $_.nTSecurityDescriptor.AreAccessRulesProtected -eq "True" } | Select-Object SamAccountName

Go to Active Directory Users and Computers > open the user and go to the Security tab.

Click Advanced text

Now click the Enable Inheritance button followed by OK. Enable Inheritance

Try again moving the user to the new pool.

/

comments powered by Disqus