Runbooks and Steps

PowerSyncPro Windows 10 Workstation Agent has the concept of runbooks and steps where you can customise what components you can run and when for your migration.

Runbook

A run book is a collection of steps which can be tailored to execute on different dates and times along with customising what you need to run for your requirements and particular migration.

Some of the steps have dependencies and will be logically grouped, the list below gives you an idea of the level of flexibility to meet your needs.

Some steps take longer than others, so you many want to do some in advance silently, this is so on the migration day the process is optimised to minimise user downtime whilst the machine is reconfigured.

You can add as many runbooks as you like, but each runbook will only be run once. Commonly we deploy runbooks for Workload Migration Prep, Workload Migration, Workstation Migration and Uninstall Agent.

Start Migration

Sets the signin background to indicate that a migration is happening, and creates an AdminFallback local user as a way back into the device if things go wrong.

It also disabled the BitLocker Protection Keys to avoid issues with reboots.

If a user is logged on when we start this step then a Toast will appear giving them 1 hour grace

1. Backup All Local Group Members

Take a backup of all of the local group members

2. Remove Autopilot Info

Removes autopilot information from the registry including Controlled Validation keys for Hybrid Join

3. Leave Old Directory

Disjoins the machine from the old directory (be that Active Directory, Azure Active Directory, or Hybrid)

4. Join New Directory

Joins the workstation to either Active Directory or Azure Active Directory. For a Hybrid AD Join target be aware that the machine must have line of sight to a Domain Control as it reboots, so things like VPN may need to be considered.

5. Verify Directory Join

Verifies that the Target directory Join Type has been achieved by checking dsregcmd output. If it fails multiple times then it will try to run the Join New Domain step again

6. Restore All Local Group Members

Restores the local group members to add back any local accounts and migrated accounts that were removed as part of the LeaveOldDirectory/JoinNewDirectory process

7. Clear AAD Broker Credentials

Clear the AAD Brokers on this machine or for this user

8. Clear Teams Cache

Clear the Teams cache directories

9. Repermission Workstation

Changes the permissions/owner/group settings on every file, folder on every fixed disk as well as every registry key for users in scope for the migration.

It will also switch the user profile for every user profile where there is a translation of SIDs

10. Disable User Run Key

Saves the Run key to avoid things starting as we reboot the workstation

11. Set OneDrive SilentAccountConfig

Set OneDrive to use the SilentAccountConfig setting

12. Remove Migrated User Profiles

Remove all of the old and now migrated user profiles

13. Make OneDrive Files CloudOnly

Runs Attrib for every sync root on the workstation to force files to be Cloud Only, otherwise you may find duplicates after the migration.

14. Mark User Profiles

Marks all existing profiles as being eligble for user based runbooks

15. Migrate AppX Applications

Migrate AppX applications so that the migrated user can use them

16. Reset Edge Primary Profile

Reset credentials in the primary (default) Edge profile so they are useable for the new user.

17. Migrate Outlook

Reset credentials in the primary (default) Edge profile so they are useable for the new user.

18. Set Outlook ZeroConfigExchange

Sets the ZeroConfigExchange setting for this user, this allows Outlook to start cleanly and run its own setup process based on the version installed.

19. Migrate Office

Clears the cloud Credentials to force Office to activate afresh

20. Migrate Teams

Clears the cloud credentials to force Teams to start afresh

21. Revert Folder Redirection

Puts redirected folders back to their defaults and DOES NOT move files back

22. Revert Folder Redirection And Files

Puts redirected folders back to their defaults and move files back

23. Uninstall OneDrive (Avoid UAC)

Uninstall the OneDrive Sync Client for the logged on user while trying to avoid any UAC prompt

24. Uninstall OneDrive

Uninstall the OneDrive Sync Client for the logged on user, this is important so that OneDive can be configured to the new tenant.

25. Install OneDrive

Install the OneDrive Sync Client for the logged on User

26. Enable User Run Key

Copies the saved keys back to the Run key

27. Start OneDrive Client

Start the OneDrive Client

28. Start Run Key Programs

Start all of the programs in the Run key

29. Uninstall Migration Agent

Removes the agent and all traces of it, usually done 30 days after the migration.

30. Complete Migration

Removes the StartMigrationPackage, enables the BitLocker Protection Keys and Saves any Bitlocker recovery keys to AD/Azure AD