Re: modify sIDHistory

One key component that I did not add is this.

The source domain is SAMBA3 and the destination is Server 2003 AD Native Mode.



"John E Davis" wrote:

> Can someone explain this limitation so to speak?
>
> I have also run into an issue where I used ADSI Edit in order to locate the
> user that I wanted to modify. After going to the properties of the user I
> selected sidHistory and pasted the octet value of the user sid that I wanted
> to use. I selected add and then apply. I received a access denied error from
> the system. The logged in user was the Enterprise and Schema Admin.
>
> What process is the ADMT tool using that allows it to create and append the
> old SID? I don't see why you can't manually replicate that without having to
> use the tool. The main reason behind this, is E-Directory is being used to
> create users in AD and publish the old SID in the attribute value of the user
> created SID. At any rate, i just want to know if there is an easier way to
> modify SIDHistory manually, without using any tools...because E-Directory is
> unable to run Windows Tools, but it can call VBS Scripts to run.
>
> Thanks,
>
> John
>
>
> "Michael D'Angelo" wrote:
>
> > "Damir Kh. Shakirov" <DamirKhShakirov@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in
> > message news:0146C31B-D181-414A-9220-3D52C439BB18@xxxxxxxxxxxxxxxx
> > > Whether it is possible modify attribute sIDHistory by means of ADSI Edit?
> > > I wish by means of ADMT to clone accounts from domain A in domain B. And
> > > then to copy attribute sIDHistory at clones in this attribute already at
> > > existing accounts.
> >
> > You can't use ADSI Edit to do this. There is an api you must call to do it.
> > Here is a sample in VB.NET which will do it.
> > Option Explicit On
> >
> > Public Module SidHist
> >
> > Public Sub ClonePrincipal(ByVal srcDC As String, ByVal srcDom As String,
> > ByVal srcSam As String, ByVal dstDC As String, ByVal dstDom As String, ByVal
> > dstSam As String)
> >
> > ' Create the COM object implementing ICloneSecurity Principal
> >
> > Dim clonepr
> >
> > clonepr = CreateObject("DSUtils.ClonePrincipal")
> >
> > ' Connect to the source and destination domain controllers
> >
> > clonepr.Connect(srcDC, srcDom, dstDC, dstDom)
> >
> >
> >
> > ' Add the SID of the source principal to the sid history of the destination
> >
> > ' principal.
> >
> > clonepr.AddSidHistory(srcSam, dstSam, 0)
> >
> >
> >
> > End Sub
> >
> > End Module
> >
> >
> >
.

Relevant Pages

  • Re: modify sIDHistory
    ... try using the clone principal scripts from MS. (reskit or supp. ... > selected sidHistory and pasted the octet value of the user sid that I ... >> Public Sub ClonePrincipal(ByVal srcDC As String, ByVal srcDom As String, ...
    (microsoft.public.windows.server.active_directory)
  • Re: modify sIDHistory
    ... selected sidHistory and pasted the octet value of the user sid that I wanted ... >> Whether it is possible modify attribute sIDHistory by means of ADSI Edit? ... > Public Sub ClonePrincipal(ByVal srcDC As String, ByVal srcDom As String, ...
    (microsoft.public.windows.server.active_directory)
  • Re: Systemkonto ermitteln
    ... Du die SID in einen String umformen. ... if(!LookupAccountSid(null, sid, name, ref cchName, referencedDomainName, ... ref cchReferencedDomainName, out sidUse)) { ...
    (microsoft.public.de.german.entwickler.dotnet.csharp)
  • RE: MAPI problem with HrGetServerDN
    ... 'Destination Host Unreachable ... Private Declare Function WSACleanup Lib "WSOCK32.DLL" As Long ... 'Create a handle on which Internet Control Message Protocol (ICMP) requests ... Private Declare Function inet_addr Lib "WSOCK32.DLL" (ByVal cp As String) As ...
    (microsoft.public.exchange.applications)
  • Re: sidHistory and Groups
    ... external trust --> sid filtering by default enabled, sidhistory does NOT works ... SOURCEUSER is member of SOURCEGROUP ... SOURCEUSER is migrated to TARGETDOMAIN and becomes TARGETUSER with sid of SOURCEUSER in sidhistory and is member of TARGETGROUP ...
    (microsoft.public.windows.server.migration)
Loading