登入
 
首頁文件庫學習園地下載支援社群論壇
IT 專業人員的技術資源 >
copy sid from local user account to a domain account

Answered copy sid from local user account to a domain account

  • 2012年3月16日 上午 09:11
     
     
    登入以投票
    0

    i've got an old file server which is a member of a workgroup, where we have created local user accounts and passwords to match their AD account.

    We need to move the data to a new server and make that server part of the domain.

    is it possible to extract the sid from the local user account toi their AD account so users can continue to access data seamlessley without me having to re-permission everything.

    Denis Cooper MCITP EA - MCT

     

所有回覆

  • 2012年3月16日 下午 03:24
     
     
    登入以投票
    0

    Hello

    Because Local SID and Domain SID is different, I thin it is not possible. I think about SIDHistory. But it is not possible as I see on this post: http://www.pcreview.co.uk/forums/manually-add-sid-history-ad-account-t1450260.html

    A possible approach should be:

    1. To copy your Folder Tree from Workgroup file server to your Domain File server (Robocopy with special option)
    2. To Define security groups regarding your "workgroup" User.
    3. Create Sharing on the root
    4. apply NTFS permissions on your folder (to retrieve the same security form your Workgroup server)
    5. Copy all datas from your workgroup server to your Domain File server (robocopy - just copy folder and subtree + files without ACL)

    Finally this approach it is a file migration. It is the opportunity to provide a fresh file service.

    regards

    Eric Malartre

     
  • 2012年3月19日 上午 09:02
    版主
     
     已答覆
    登入以投票
    0

    Hi,

    I have an idea which may help, though it still need some time to perform.

    As we can output the security permission with command "icacls <folder> /save", we can save the permission as a TXT file.

    Then we can replace the SID of local account with the SID of domain account with "replace" in Notepad (or Word).

    If all user accounts are replaced correctly, it should still work when we restore the permission settings.

    Note: Though "/substitute" should be an easier method, it may not be properly applied on subfolders. You can first have a try with it before manually replacing SID in TXT file.

    TechNet Subscriber Support in forum |If you have any feedback on our support, please contact tnmff@microsoft.com.

    • 已標示為解答 Denis Cooper 2012年3月20日 上午 09:26
    •  
     
  • 2012年3月20日 上午 05:46
    版主
     
     
    登入以投票
    0
    How are thing going? Please let us know if there is anything further we could help.

    TechNet Subscriber Support in forum |If you have any feedback on our support, please contact tnmff@microsoft.com.