Data Migration Tool: USMT GUI backup/restore tool using the PowerShell App Deploy Toolkit
“Ohh damn, I need to re-create my Explorer favorites, I need to re-enter my wireless profiles..”
Those are some of the comments you will hear from users receiving a new machine in a Service Desk function. Don’t worry, this tool includes it all, and will work when migrating from Windows 7 to Windows 10 as well!
Users will be able to migrate data them self by running this tool from Software Center.
In many cases, enterprises dosen’t offer an easy solution when it comes to migrating data from one machine to another. The best free tool i have come across is the User State Migration Tool (USMT) which is included in the Windows ADK. Sadly this solution is a command-line tool, and dosen’t offer an GUI. Then i came up with a solution. By combining PowerShell App Deployment Toolkit(PSADT) with USMT I made it easy to make this accomplishment. Be aware that this tool requires local administrative privileges for the end user, or making a package running as the local system account on the client PC.
If there is an external USB storage connected, the user gets the option to backup/restore to that location or the network location.
So what does the Data Migration Tool consist of?
The tool consist of a script installer “Deploy-DataMigrationTool.ps1” and a folder containing the installation files. Basically the installer will copy the files to “C:\Program Files (x86)\Data Migration Tool” and log to “C:\Windows\Logs\Software”. It will also create a shortcut in start “C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Data Migration Tool.lnk”.
There is two ways of deploying this tool with SCCM:
- Package (running as local system): Choose this if the users have standard rights on the local machine.
- Application (requires local administrator previledges): This will make the application available as a local application with a shortcut in start. Requires that the user to be a local admin.
Before you begin deploying and testing
First we need to configure a network share for the use of this setup. In the example below i use a share for the backups called USMT Data Migration Tool$.
Folder rights if using option 1
Set the share rights on the network folder so that only Domian Computers have modify share access:
Set the NTFS permissions so only Domain Computers modify rights:
Folder rights if using option 2
Set the share rights on the network folder so that only Domian Users have modify share access:
Set the NTFS permissions so that Domain Users have write access to This folder only and CREATOR OWNER have Modify rights to Subfolders and files only:
Before you test and deploy the tool, change the $NetworkLocation variable in the “.\Data Migration Tool\Deploy-Application.ps1” file.
Deploying using option 1
If you are in an environment where users are not local administrators, the best solution is to run this as a package in system context. Below i describe how this can be archived. Be aware that this solution will give every system(computer object) account access to all folders in the share. There is no way to overcome this unless you want the user to type in the hostname of the PC that performed the backup. One could setup a cleanup script on the server hosting the share, to delete backups older than 14 days.
- Create a package with the files from the “Data Migration Tool” subfolder.
- Deploy the package to distribution points.
- Create a Program with “Deploy-application.exe” in the Command line textbox.
- Ensure that the environment is set as shown in the picture:
- Create a available deployment for a user or device collection and test the setup.
Deploying using option 2
This option allows the users with local administrative rights to have a local application installed with a shortcut in start.
- Create an applicaiton with all the content of the zipped folder “Data-Migration-Tool-<version>”
- Setup the Deployment Type program with the following install/uninstall commandline:
Install:powershell.exe -ExecutionPolicy Bypass -file .\Deploy-DataMigrationTool.ps1
Uninstall:powershell.exe -ExecutionPolicy Bypass -file .\Deploy-DataMigrationTool.ps1 -uninstall
- Define the Detection Rule:
- Configure the User Experiene to install as system:
- Deploy the application to a user or device collection and update policies, go to software center and install:
- Recieving the USMT error 71 means that you have done something wrong with the folder permissions.
- Recieving the USMT error 37, don’t run this tool on a server you fool 😉
-Removed the Convert-FromString function from the Export-WLANProfiles function in the AppDeployToolkitExtensions.ps1 as it was dependent on PowerShell version >= 5.0.
-Added a check to only export WLAN profiles when running on a psysical machine.
-Removed the parameter -NoAppSettings switch from the Start-UserStateMigrationTool function call in the Deploy-Application.ps1 script.
-Removed the custom XML from the command line string in the Start-UserStateMigrationTool function located in the AppDeployToolkitExtensions.ps1
-Changed the current user variable to be the current user session instead of running context. Was an issue if running as system.
I would very much like to improve this tool, so please share ideas!