need ADAM to ignore sid history when using lsalookupsid
- From: charlieherndon@xxxxxxxxx
- Date: 8 Aug 2006 15:06:38 -0700
The NT domain user proxy is created for all users, but for those who
have been migrated to AD (they still reside on AD and the account is
disabled in AD until they are individually migrated) we need them to
continue to authenticate through the userproxy to the NT domain.
Unfortunatley, lsalookupsid looks at the objectSID AND the sid history.
It finds the NT domain SID in the sid history (from the migration),
and directs the userproxy to the new AD account. Basically, we need it
to ignore the sid history when creating a userproxy, and only use the
objectSID of the NT domain. Is their a way to get lsalookupsid to not
look at the sid history of the AD domain?
.
- Follow-Ups:
- Re: need ADAM to ignore sid history when using lsalookupsid
- From: Dmitri Gavrilov [MSFT]
- Re: need ADAM to ignore sid history when using lsalookupsid
- From: Joe Richards [MVP]
- Re: need ADAM to ignore sid history when using lsalookupsid
- Prev by Date: Group Policy precedence question
- Next by Date: RE: Group Policy for XP Remote Desktop
- Previous by thread: Group Policy precedence question
- Next by thread: Re: need ADAM to ignore sid history when using lsalookupsid
- Index(es):
Relevant Pages
|
Loading
