6.6 Domain Migration

Migration from an existing default domain to a custom domain. This provides guidelines for migrating your existing default domain and data to a custom domain.

Managing Groups in Oracle Cloud Infrastructure (OCI)

The following steps walk you through the process of locating a domain, creating users, groups, and managing them within the OCI Console.
  • Prerequisites
    • You must be an Admin user in Oracle Identity Cloud Service (IDCS).
    • A Default Domainshould already exist.
    • Make sure you're logged into Oracle Cloud Console with the necessary permissions.
Export Users and Groups from the Default Domain
  1. Log into IDCS Console
    • Navigate to Oracle Identity Cloud Service.
    • Ensure you're viewing the Default Domain.
    • You’ll see the domain overview, including domain information, region, and status.
  2. Export All Users
    1. Go to Users in the Default Domain.
    2. Click More Actions > Export all users.
    3. As with groups, a popup will appear – click View Details.
    4. Download the exported user file once the job is complete.

    Note: Groups are migrated to the domain but not mapped to the tenant or users. This must be done manually after import.

  3. Export All Groups
    1. Go to Groups from the left menu.
    2. Click on More Actions > Export all groups.
    3. A popup message appears in the top right corner – click View Details.
    4. This opens a Job Details page: Shows Job ID, OCID (click Show to view), progress, success/failure count.
    5. Once complete, click Download Exported File. The exported file (typically in CSV format) will be downloaded to your local system.

    Note:

    • Export includes group names, descriptions, and other relevant metadata.
    • Failed exports (if any) will be listed with specific error details.
  4. Import Users and Groups into the Custom Domain
  5. Navigate to the Custom Domain
    • Go to Oracle Cloud Console > Identity > Domains.
    • Select your Custom Domain.
  6. Import Users
    1. Go to Users.
    2. Click Import Users > Import.
    3. Upload the previously downloaded user export file from the Default Domain.
    4. Monitor the import job progress and confirm completion.
  7. Import Groups
    1. Go to Groups in the Custom Domain.
    2. Click More Actions > Import Groups (if available) or use the import interface.
    3. Upload the group export file.
    • Validating Group Mapping to Users

      This section details the process for creating users after provisioning a tenant, assigning users to applications, and handling password resets post domain migration.

      Note:

      Verify that all required groups are assigned to the specified user.
      1. Once the tenant has been provisioned, use the search bar to locate the Tenant ID that was recently created.
      2. Click on the Tenant ID to open the application information window.
      3. In the application information window, click on Users.
      4. Click Assign Users.

        Note:

        Group mapping will be done automatically.
      5. After users are assigned, the Application URL will appear in the corresponding field.
      6. Click on the assigned User.
      7. Domain Migration and Password Reset: The user will receive a notification to reset their password. The email will contain a password reset link.

        Note:

        Password reset is triggered automatically once the domain is migrated from the default domain to the custom domain.
  8. Final Validation
    • Go to Custom Domain > Users and Groups.
    • Validate:
      • All users appear as expected.
      • All groups have been imported.
      • Users are assigned to the correct groups (if manually done).
    • Check the new tenant association if applicable via Oracle Cloud Services.