Re: Migrating accounts nt4 to 2k3 and SIDs
- From: "Jorge de Almeida Pinto [MVP]" <SubstituteThisWithMyFullNameSeparatedByDots@xxxxxxxxx>
- Date: Tue, 25 Jul 2006 22:50:04 +0200
it is best to FIRST migrate accounts using the ADMT and THEN configure the
ADC... if you do it the other way around additional steps are required
--
Cheers,
(HOPEFULLY THIS INFORMATION HELPS YOU!)
# Jorge de Almeida Pinto # MVP Windows Server - Directory Services
BLOG (WEB-BASED)--> http://blogs.dirteam.com/blogs/jorge/default.aspx
BLOG (RSS-FEEDS)--> http://blogs.dirteam.com/blogs/jorge/rss.aspx
------------------------------------------------------------------------------------------
* This posting is provided "AS IS" with no warranties and confers no rights!
* Always test before implementing!
------------------------------------------------------------------------------------------
#################################################
#################################################
------------------------------------------------------------------------------------------
"CGeneva" <CGeneva@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:9027D468-16DB-40C8-A419-95909C18E682@xxxxxxxxxxxxxxxx
Thank you for the replies (all of them). I can't say with 100% certainty
that I did all three of those steps you listed. I'll migrate a few groups
again, checking to make sure I hit all of your points, and then test
again.
The responses have reassured me that I'm heading in the right direction at
least.
I have the ADC between 5.5 and AD all set up and I thought working
correctly. I'm sure that's another issue entirely so I'll deal with it
seperately. Thanks for the info and I'll repost after I remigrate one of
the
groups.
"Jorge de Almeida Pinto [MVP]" wrote:
to my knowledge there is no need to disable SID filtering on the outgoing
trust side because on that side is the NT4 side and SID filtering is
disabled by default on the NT4 side
Have you:
* Migrated global groups with sid history
* Migrated users with sid history and fixing group membership
* Migrated local groups with sid history and fixing group membership
and if your users logon with the new account it should work after doing
these steps
for exchange you need to setup the ADC so that exchange 5.5 syncs with AD
and mail enables the AD accounts. After that you can move the mailboxes
over
to AD and so some other exchange related stuff
--
Cheers,
(HOPEFULLY THIS INFORMATION HELPS YOU!)
# Jorge de Almeida Pinto # MVP Windows Server - Directory Services
BLOG (WEB-BASED)--> http://blogs.dirteam.com/blogs/jorge/default.aspx
BLOG (RSS-FEEDS)--> http://blogs.dirteam.com/blogs/jorge/rss.aspx
------------------------------------------------------------------------------------------
* This posting is provided "AS IS" with no warranties and confers no
rights!
* Always test before implementing!
------------------------------------------------------------------------------------------
#################################################
#################################################
------------------------------------------------------------------------------------------
"Jorge de Almeida Pinto [MVP]"
<SubstituteThisWithMyFullNameSeparatedByDots@xxxxxxxxx> wrote in message
news:%23F$KM7BsGHA.1192@xxxxxxxxxxxxxxxxxxxxxxx
have you also migrated the groups with sidhistory and group
memberships?
--
Cheers,
(HOPEFULLY THIS INFORMATION HELPS YOU!)
# Jorge de Almeida Pinto # MVP Windows Server - Directory Services
BLOG (WEB-BASED)--> http://blogs.dirteam.com/blogs/jorge/default.aspx
BLOG (RSS-FEEDS)--> http://blogs.dirteam.com/blogs/jorge/rss.aspx
------------------------------------------------------------------------------------------
* This posting is provided "AS IS" with no warranties and confers no
rights!
* Always test before implementing!
------------------------------------------------------------------------------------------
#################################################
#################################################
------------------------------------------------------------------------------------------
"CGeneva" <CGeneva@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:CAAC0E83-C503-46F2-88CC-EA0A6F7D7BE9@xxxxxxxxxxxxxxxx
I'm in the process of migrating my accounts between an NT4 domain and
a
2k3
AD. I have a trust set up and I've turned off SID filtering. How do
SID
histories work with my user accounts. When I migrate user accounts
and
groups to the 2003 AD should they still have access to all the
resources
on
the NT4 domain?
What I'm trying to prevent is having to readd all the newly created AD
groups to resources in the NT4 domain.
Can anyone push me in the right direction for how I can accomplish
this
with
SID histories or what I'm missing? After I moved the user accounts
with
SID
history I'm not able to access the old NT4 resources.
Thanks.
.
- Follow-Ups:
- Re: Migrating accounts nt4 to 2k3 and SIDs
- From: CGeneva
- Re: Migrating accounts nt4 to 2k3 and SIDs
- References:
- Re: Migrating accounts nt4 to 2k3 and SIDs
- From: Jorge de Almeida Pinto [MVP]
- Re: Migrating accounts nt4 to 2k3 and SIDs
- From: Jorge de Almeida Pinto [MVP]
- Re: Migrating accounts nt4 to 2k3 and SIDs
- From: CGeneva
- Re: Migrating accounts nt4 to 2k3 and SIDs
- Prev by Date: Re: How can I prevent Fodlers from trying to sync
- Next by Date: Re: Two PC's keep jumping out of the domain
- Previous by thread: Re: Migrating accounts nt4 to 2k3 and SIDs
- Next by thread: Re: Migrating accounts nt4 to 2k3 and SIDs
- Index(es):
Relevant Pages
|
