SharePoint 2019 to SharePoint Subscription Edition (SE) – Database Attach Upgrade (Step-by-Step)

 SharePoint 2019 to SharePoint Subscription Edition (SE) – Database Attach Upgrade (Step-by-Step)

Database Attach Upgrade is the most recommended migration approach from Microsoft SharePoint Server 2019 to Microsoft SharePoint Server Subscription Edition.

 

High-Level Upgrade Flow

SP2019 Farm
   |
   |  Backup Content DBs
   v
SQL Restore
   |
   v
New SPSE Farm
   |
   | Mount-SPContentDatabase
   v
Upgrade Sites & Validate

 

Phase 1 — Pre-Upgrade Assessment

Step 1: Verify Existing SP2019 Farm Health

Run Health Analyzer and check:

• Timer Jobs
• Search Crawl
• Distributed Cache
• Service Applications
• IIS Bindings
• Certificates
• SQL Connectivity

Important Commands

Get-SPFarm
Get-SPServer
Get-SPDatabase
Get-SPSite -Limit All

 

Step 2: Check Build Version Compatibility

SP2019 must be on supported patch level before migrating.

Check Build

(Get-SPFarm).BuildVersion

Compare with Microsoft compatibility matrix.

 

Step 3: Run Pre-Upgrade Check

Test-SPContentDatabase -Name WSS_Content_Intranet `
-WebApplication http://sp2019web `
-Server SQLPROD01

OR

stsadm -o preupgradecheck

 

Step 4: Inventory Existing Components

Document:

Component	Example
Web Applications	Intranet
Content DBs	WSS_Content
Service Apps	Search, MMS
Solutions (.wsp)	Custom WSPs
Features	Farm/Sandbox
Workflows	2010/2013
Customizations	Master Pages
Authentication	NTLM/Kerberos/SAML

 

Step 5: Identify Unsupported Components

Major challenge areas:

Area	Risk
SharePoint 2010 workflows	Deprecated
InfoPath	Limited future support
Sandbox solutions	May fail
Full Trust Solutions	Compatibility issues
Classic Authentication	Migration needed
Third-party WSPs	Rebuild required

 

Phase 2 — Build New SharePoint SE Farm

Step 6: Prepare New Infrastructure

Recommended Servers

Server	Purpose
APP01	Central Admin + Services
WFE01	Web Front End
SQL01	Databases

 

Step 7: Install Prerequisites

Install:

• Windows Server
• SQL Native Client
• IIS Features
• .NET Framework
• Web Server Roles

 

Step 8: Install SharePoint SE

Install binaries on all servers.

Then run:

psconfig.exe

OR SharePoint Products Configuration Wizard.

 

Step 9: Create New SPSE Farm

New-SPConfigurationDatabase `
-DatabaseName SharePoint_Config `
-DatabaseServer SQLSE01 `
-Passphrase (ConvertTo-SecureString "Password@123" -AsPlainText -Force) `
-FarmCredentials (Get-Credential)

 

Step 10: Configure Service Applications

Create:

• Managed Metadata
• Search
• User Profile
• State Service
• Distributed Cache

 

Phase 3 — Database Migration

Step 11: Set Source Farm Read-Only (Optional but Recommended)

Set-SPSite -Identity http://portal/sites/hr -LockState ReadOnly

Purpose:

• Prevent content changes
• Avoid delta mismatch

 

Step 12: Backup Content Databases from SP2019 SQL

Using SQL Server:

BACKUP DATABASE WSS_Content_Intranet
TO DISK='D:\Backup\WSS_Content_Intranet.bak'

 

Step 13: Restore Databases into New SQL Server

RESTORE DATABASE WSS_Content_Intranet
FROM DISK='D:\Backup\WSS_Content_Intranet.bak'

 

Phase 4 — Attach Databases in SPSE

Step 14: Create Web Applications in SPSE

VERY IMPORTANT:

• URL must match old farm if possible
• Authentication method should match

Example:

New-SPWebApplication `
-Name "Intranet" `
-Port 80 `
-URL http://intranet `
-ApplicationPool "IntranetPool" `
-ApplicationPoolAccount (Get-SPManagedAccount "domain\spfarm")

 

Step 15: Validate Database Before Mount

Test-SPContentDatabase `
-Name WSS_Content_Intranet `
-WebApplication http://intranet

Typical Errors

Error	Meaning
Missing Feature	WSP not installed
Missing Setup File	Custom solution absent
Missing Web Part	Third-party issue

 

Step 16: Install Missing Solutions

Example:

Add-SPSolution CustomSolution.wsp

Install-SPSolution `
-Identity CustomSolution.wsp `
-GACDeployment

 

Step 17: Mount Content Database

Mount-SPContentDatabase `
-Name WSS_Content_Intranet `
-DatabaseServer SQLSE01 `
-WebApplication http://intranet

This performs:

• Database schema upgrade
• Site collection upgrade
• Feature upgrade

 

Step 18: Monitor Upgrade Status

Get-SPUpgradeSessionInfo

Logs location:

C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\16\LOGS

 

Phase 5 — Post Upgrade Validation

Step 19: Validate Sites

Check:

• Site accessibility
• Pages
• Libraries
• Permissions
• Search
• Navigation
• Branding
• Workflows

 

Step 20: Rebuild Search Index

Recommended after migration.

Get-SPEnterpriseSearchServiceApplication

Reset crawl if needed.

 

Step 21: Verify Services

Validate:

Service	Validation
Search	Crawl success
MMS	Terms visible
UPA	Profile sync
Cache	No errors
SMTP	Alerts working

 

Step 22: Upgrade Site Collections (If Required)

Upgrade-SPSite http://intranet

 

Step 23: Run Health Checks

Get-SPHealthAnalysisRule

Central Admin → Monitoring → Review Problems & Solutions

 

Real-Time Production Upgrade Scenario

Example

Old Environment

Component	Value
SharePoint Version	SP2019
Databases	12 Content DBs
Size	4 TB
Users	18,000
Authentication	Kerberos

Migration Approach

1. Build parallel SPSE farm
2. Install all custom WSPs
3. Freeze source farm
4. Backup & restore DBs
5. Attach DBs one-by-one
6. Validate business applications
7. DNS cutover

 

Common Real-Time Challenges

1. Missing Features

Error

Database contains references to missing features

Fix

Deploy missing WSPs.

 

2. Large Content Databases

Issue

Mount takes several hours.

Fix

• Split DBs
• Use high IOPS storage
• Pre-grow SQL files

 

3. Orphan Objects

Detection

Get-SPContentDatabase | % {$_.Repair($true)}

 

4. Authentication Failures

Common Cause

Kerberos SPNs missing.

Fix

Re-register SPNs.

 

5. Search Not Working

Cause

Old index not migrated.

Fix

Full crawl required.

 

Best Practices

Recommended

✅ Build fresh SPSE farm

✅ Patch all servers equally

✅ Use MinRole properly

✅ Test in lower environments first

✅ Perform trial migrations

✅ Keep rollback plan ready

✅ Use SQL backups instead of detach method

✅ Document every DB mapping

 

Important Commands Summary

Task	Command
Validate DB	Test-SPContentDatabase
Mount DB	Mount-SPContentDatabase
Upgrade Site	Upgrade-SPSite
Check Upgrade	Get-SPUpgradeSessionInfo
Add Solution	Add-SPSolution
Install Solution	Install-SPSolution

ECM Features Comparison: SharePoint Online vs OpenText

 ECM Features Comparison: SharePoint Online vs OpenText

ECM Features Comparison: SharePoint Online vs OpenText

ECM Capability	SharePoint Online	OpenText Content Suite
Document Management	✅ Native document libraries	✅ Advanced document repository
Version Control	✅ Major/Minor versioning	✅ Advanced versioning and revision management
Check-In / Check-Out	✅ Available	✅ Available
Metadata Management	✅ Managed Metadata Service, Content Types	✅ Enterprise metadata classification
Taxonomy Management	✅ Term Store	✅ Business taxonomy and classification engine
Records Management	✅ Microsoft Purview Records Management	✅ Industry-leading Records Management
Document Retention	✅ Retention Labels and Policies	✅ Retention Schedules and Policies
Legal Hold	✅ Microsoft Purview eDiscovery	✅ Legal Hold Management
Content Lifecycle Management	✅ Automated lifecycle policies	✅ Advanced lifecycle management
Document Security	✅ Entra ID, Sensitivity Labels	✅ Granular ACL-based security
Role-Based Access Control (RBAC)	✅ SharePoint Groups & Entra Roles	✅ Advanced Security Permissions
Workflow Automation	✅ Power Automate	✅ OpenText AppWorks / BPM
Business Process Management (BPM)	⚠️ Basic to Moderate	✅ Advanced BPM Engine
Document Approval Workflows	✅ Power Automate	✅ Native Workflow Engine
Collaboration Features	✅ Teams Integration	⚠️ Limited compared to SPO
Co-authoring	✅ Real-time co-authoring	⚠️ Limited depending on integration
Microsoft Office Integration	✅ Native Integration	✅ Integration available
Outlook Integration	✅ Native	✅ Available
Search Functionality	✅ Microsoft Search	✅ Enterprise Search
AI-Based Search	✅ Microsoft Copilot	✅ OpenText Aviator AI
OCR (Optical Character Recognition)	⚠️ Via Syntex/3rd Party	✅ Native OCR Support
Document Capture	⚠️ Limited	✅ Advanced Capture Center
Scanning Integration	⚠️ Third-party	✅ Native Capture Solutions
Content Classification	✅ Syntex AI	✅ Advanced Classification Engine
Enterprise Content Archiving	⚠️ Basic	✅ Strong Archiving Capabilities
Email Archiving	⚠️ Purview-based	✅ Native Email Archiving
Knowledge Management	✅ Viva Topics, SharePoint	✅ Knowledge Center
Compliance Management	✅ Purview Compliance Center	✅ Extensive Compliance Framework
Audit Logs	✅ Unified Audit Logs	✅ Detailed Audit Trails
eDiscovery	✅ Microsoft Purview eDiscovery	✅ OpenText eDiscovery
Electronic Signatures	⚠️ Adobe Sign/DocuSign Integration	✅ Native + Third-party Integration
Case Management	⚠️ Limited	✅ Strong Case Management
Contract Management	⚠️ Third-party solutions	✅ Native Contract Management
Regulatory Submission Support	⚠️ Custom Solution	✅ Strong Life Sciences Support
GxP Compliance	⚠️ Requires configuration	✅ Designed for regulated industries
21 CFR Part 11 Compliance	⚠️ Achievable through controls	✅ Native compliance support
SAP Integration	✅ APIs/Connectors	✅ Deep SAP Integration
ERP Integration	✅ Via APIs/Power Platform	✅ Native Connectors
Cloud Deployment	✅ SaaS Only	✅ Cloud, Hybrid, On-Prem
Hybrid Deployment	❌ Not supported	✅ Supported
On-Premises Deployment	❌ Not available	✅ Available
Disaster Recovery	✅ Microsoft Managed	✅ Configurable
Multi-Region Support	✅ Global Microsoft Datacenters	✅ Available
Mobile Access	✅ SharePoint Mobile App	✅ OpenText Mobile
Low-Code Development	✅ Power Apps	⚠️ Limited
API Support	✅ Microsoft Graph API	✅ REST/SOA APIs
Integration Ecosystem	✅ Extensive Microsoft Ecosystem	✅ Enterprise Application Ecosystem

 

Strength Areas

Area	Winner
Collaboration	SharePoint Online
Team Sites & Intranet	SharePoint Online
Microsoft 365 Integration	SharePoint Online
Co-authoring	SharePoint Online
Power Platform Integration	SharePoint Online
Records Management	OpenText
Regulatory Compliance	OpenText
GxP / FDA Compliance	OpenText
Archiving	OpenText
Case Management	OpenText
BPM / Workflow	OpenText
Document Capture & OCR	OpenText
SAP Integration	OpenText
Enterprise Content Governance	OpenText

 

Real-World Usage in Pharma

SharePoint Online

Used for:

Team Collaboration
Intranet Portals
Knowledge Management
Project Sites
Document Sharing
Microsoft Teams Integration
Employee Self-Service Portals

OpenText

Used for:

Regulatory Document Management
Clinical Trial Documentation
Quality Management Systems (QMS)
GxP Controlled Documents
Records Management
Contract Lifecycle Management
Enterprise Archiving

 

Typical Pharma Architecture

Users
   |
Microsoft Teams
   |
SharePoint Online
   |
Power Platform
   |
OpenText Content Suite
   |
SAP / Veeva Vault / Clinical Systems
   |
Archive & Records Repository

Common Pattern in Pharma Companies

SharePoint Online → Collaboration, Intranet, Team Sites, Knowledge Sharing.
OpenText → Controlled Content, Regulatory Documents, Quality Records, Compliance Archives.
Veeva Vault → Clinical, Regulatory, Quality, and RIM content specific to Life Sciences.

This is the architecture commonly seen in organizations such as Novartis, Pfizer, Roche, Eli Lilly and Company, and Parexel.

 

Basics of Microsoft Entra ID

 

Microsoft Entra ID

Microsoft Entra ID is Microsoft's cloud-based Identity and Access Management (IAM)

platform that provides authentication, authorization, access control, and security for

Microsoft 365, Azure, and thousands of third-party applications.

Think of Entra ID as the security gatekeeper of Microsoft 365.

 

What is Identity and Access Management (IAM)?

IAM answers two questions:

1. Who are you?

(Authentication)

Example:

Username: ramesh@company.com
Password: ********

Entra ID verifies the identity.

 

2. What can you access?

(Authorization)

Example:

Ramesh
├── SharePoint Access
├── Teams Access
├── Outlook Access
└── HR Portal Access

Entra ID determines permissions.

 

Why Microsoft Entra ID is Important

Without Entra ID:

SharePoint → Separate Login
Teams → Separate Login
Exchange → Separate Login
Power BI → Separate Login

With Entra ID:

Single Sign-On (SSO)

One Login
    ↓
SharePoint
Teams
Exchange
OneDrive
Power BI

 

Core Components of Entra ID

1. Users

Represents employees, contractors, vendors, and service accounts.

Example

ramesh@company.com
john@company.com
vendor@partner.com

PowerShell

Get-MgUser

 

2. Groups

Used to manage permissions efficiently.

Example

HR Team
Finance Team
SharePoint Admins
Project Team

Instead of assigning permissions to 100 users, assign one group.

PowerShell

Get-MgGroup

 

3. Applications

Applications registered in Entra ID.

Examples

• Microsoft Teams
• SharePoint Online
• Salesforce
• ServiceNow

 

4. Devices

Managed corporate devices.

Examples

Windows Laptop
Android Phone
iPhone
MacBook

Benefits

• Device Compliance
• Conditional Access
• Security Enforcement

 

Authentication Methods

 

Password Authentication

Traditional login.

Username + Password

Challenge

Weak passwords.

 

Multi-Factor Authentication (MFA)

Requires additional verification.

Example

Password
    +
Mobile Approval

Benefits

Even if password is stolen, access is blocked.

 

Passwordless Authentication

Methods:

• Microsoft Authenticator
• FIDO2 Security Keys
• Windows Hello

Example

Fingerprint
Face Recognition
PIN

 

Single Sign-On (SSO)

What is SSO?

One login provides access to multiple applications.

Example

Login Once
      ↓
SharePoint
Teams
Exchange
OneDrive
Power BI

Benefits

✅ Better User Experience

✅ Fewer Password Resets

✅ Improved Productivity

 

Conditional Access

One of the most important Entra ID security features.

Purpose

Control access based on conditions.

Example Policy

If User Outside India
          ↓
Require MFA

Example Policy

If Device Non-Compliant
          ↓
Block Access

Example Policy

If High Risk Login
          ↓
Block Login

 

Real-Time Conditional Access Scenarios

Scenario 1

Employee login from office.

Location: Hyderabad
Device: Managed Laptop

Result:
Allow Access

 

Scenario 2

Employee login from unknown country.

Location: Russia

Result:
Require MFA

 

Scenario 3

Unknown device login.

Personal Device

Result:
Limited Access

 

Role-Based Access Control (RBAC)

Assign permissions based on roles.

 

Common Roles

Global Administrator

Highest privilege.

Can manage:

• Users
• Groups
• Licenses
• Security

 

SharePoint Administrator

Manages:

• Sites
• Storage
• Sharing

 

Exchange Administrator

Manages:

• Mailboxes
• Mail Flow
• Email Security

 

Teams Administrator

Manages:

• Teams
• Channels
• Policies

 

User Administrator

Manages:

• User Accounts
• Password Resets

 

Identity Protection

Protects against compromised identities.

 

Risk Detection

Detects:

Impossible Travel
Anonymous IP
Malicious IP
Leaked Credentials

Example

10:00 AM India Login
10:15 AM USA Login

Impossible travel detected.

 

Self-Service Password Reset (SSPR)

Users reset passwords without IT support.

Process

Forgot Password
      ↓
Verify Mobile
      ↓
Reset Password

Benefits

Reduced helpdesk tickets.

 

External Users (B2B Collaboration)

Invite external users.

Example

vendor@gmail.com
consultant@partner.com

Usage

• SharePoint Collaboration
• Teams Collaboration

 

B2C (Customer Identity)

Customer-facing applications.

Example

E-commerce website login.

Google Login
Facebook Login
Microsoft Login

 

Dynamic Groups

Automatic group membership.

Example Rule

Department = HR

All HR users automatically join HR group.

 

Privileged Identity Management (PIM)

Provides Just-In-Time (JIT) administrative access.

Traditional

Global Admin = Permanent

PIM

User Requests Access
        ↓
Approval
        ↓
Temporary Access

Benefits

Reduces security risk.

 

Microsoft 365 Integration

Entra ID is the backbone of:

• SharePoint Online
• Exchange Online
• Microsoft Teams
• OneDrive for Business
• Microsoft Intune
• Power BI

 

Real-Time SharePoint Online Scenario

Requirement

Only QA team should access GxP documents.

Solution

Create Group:

QA_GxP_Users

Assign group permission:

QA_GxP_Users
       ↓
SharePoint Library

When employee joins QA:

Add User to Group

Access granted automatically.

 

Daily Administrative Tasks

User Management

Get-MgUser
New-MgUser
Update-MgUser
Remove-MgUser

 

Group Management

Get-MgGroup
New-MgGroup
Remove-MgGroup

 

License Management

Get-MgSubscribedSku
Set-MgUserLicense

 

Security Monitoring

Get-MgAuditLogSignIn

 

Conditional Access

Get-MgIdentityConditionalAccessPolicy

 

Advantages of Entra ID

Security

✅ MFA

✅ Conditional Access

✅ Identity Protection

 

Productivity

✅ Single Sign-On

✅ Self-Service Password Reset

 

Governance

✅ RBAC

✅ PIM

✅ Audit Logs

 

Integration

✅ Microsoft 365

✅ Azure

✅ Salesforce

✅ ServiceNow

Thousands of SaaS applications.

 

Limitations and Challenges

Licensing Complexity

Advanced features require:

• Entra ID P1
• Entra ID P2

 

Conditional Access Complexity

Poorly designed policies can lock out users.

 

Guest User Governance

External users require regular review.

 

Large Enterprise Challenges

Managing:

100,000+
Users
Thousands of Groups
Thousands of Applications

requires strong governance.