Re: Re-establish trust relationship with replaced Domain Server




ahh.. however if it works, sounds good...

--
I hope that the information above helps you

Good Luck
Jorge Silva
MCSA
Systems Administrator
"Jorge de Almeida Pinto [MVP - DS]"
<SubstituteThisWithMyFullNameSeparatedByDots@xxxxxxxxx> wrote in message
news:e56tYiz5GHA.2264@xxxxxxxxxxxxxxxxxxxxxxx
no, I have not. it was just something I thought of that might work to help
the guy...


and I forgot to add....
join computers to the domain before the translation but after the
creation of the forest/domain (don't let users log on before the
translation)

--

Cheers,
(HOPEFULLY THIS INFORMATION HELPS YOU!)

# Jorge de Almeida Pinto # MVP Windows Server - Directory Services

BLOG (WEB-BASED)--> http://blogs.dirteam.com/blogs/jorge/default.aspx
BLOG (RSS-FEEDS)--> http://blogs.dirteam.com/blogs/jorge/rss.aspx
------------------------------------------------------------------------------------------
* This posting is provided "AS IS" with no warranties and confers no
rights!
* Always test before implementing!
------------------------------------------------------------------------------------------
#################################################
#################################################
------------------------------------------------------------------------------------------
"Jorge Silva" <jorgesilva_pt@xxxxxxxxxxx> wrote in message
news:u95Q$an5GHA.4608@xxxxxxxxxxxxxxxxxxxxxxx
Hi

* from EACH computer retrieve the SID and samaccountname from the
registry
* create a new domain/forest with ALL accounts using the SAME
samaccountname for each USER
* create a SID Mapping file (http://support.microsoft.com/?id=835991)
where the SID of each new user is mapped with its old SID.
* Use ADMT to translate profiles (etc.) on the workstations (replace
mode) where the SID mapping file is used

Did you actually ever try this, Jorge?

--
I hope that the information above helps you

Good Luck
Jorge Silva
MCSA
Systems Administrator
"Jorge de Almeida Pinto [MVP - DS]"
<SubstituteThisWithMyFullNameSeparatedByDots@xxxxxxxxx> wrote in message
news:erUBP4l5GHA.340@xxxxxxxxxxxxxxxxxxxxxxx
I agree with Tomasz.....

however, in ADDITION: you might wanna try the following (which will be
a PITA job to do):

* from EACH computer retrieve the SID and samaccountname from the
registry
* create a new domain/forest with ALL accounts using the SAME
samaccountname for each USER
* create a SID Mapping file (http://support.microsoft.com/?id=835991)
where the SID of each new user is mapped with its old SID.
* Use ADMT to translate profiles (etc.) on the workstations (replace
mode) where the SID mapping file is used

test this first in a test environment

--

Cheers,
(HOPEFULLY THIS INFORMATION HELPS YOU!)

# Jorge de Almeida Pinto # MVP Windows Server - Directory Services

"Tomasz Onyszko" <T.Onyszko_nospam_@xxxxxx> wrote in message
news:eGpkPhk5GHA.512@xxxxxxxxxxxxxxxxxxxxxxx
Gary Mears wrote:
Got a client who had server stolen - no backups! Replaced server and
tried to keep as many credentials the same as possible, however, the
workstations do not log on properly as there is no trust relationship
in place for the correct SID. Have tried all the 'netdom' commands,
but it continually says that there is no logon server available. Of
course the obvious route would be to dis-join from the domain and
re-join, however this customer can't lose the information in the
current domain profile on each of the workstations.

Was this the only DC in the domain? If the answer is yes, you have to
disjoin these workstations from the old domain, promote a DC for a new
domain and join them again.

Information from old profiles will have to be copied to new profiles.


--
Tomasz Onyszko
http://www.w2k.pl/ - (PL)
http://blogs.dirteam.com/blogs/tomek/ - (EN)
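
The registry step of the procedure quoted in this thread, as an added example that is not part of the original posts: it reads the old-domain profile SIDs from a workstation's ProfileList key and writes candidate lines for a SID mapping file. `$OldDomainSid` and `$NewDomain` are placeholders, treating the profile folder name as the samAccountName is an assumption, and the two-column "old SID,target account" layout should be checked against the article at http://support.microsoft.com/?id=835991 before the file is given to ADMT.

```powershell
# Added example: run elevated on each workstation, before it is re-joined.
param(
    # Placeholder: domain part of the old SIDs (everything before the final -RID).
    [Parameter(Mandatory)] [string] $OldDomainSid,
    # Placeholder: NetBIOS name of the rebuilt domain.
    [Parameter(Mandatory)] [string] $NewDomain,
    [string] $OutFile = ".\sidmap-$env:COMPUTERNAME.csv"
)

$profileList = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList'
# Exact match on "<old domain SID>-<RID>": skips system SIDs, local accounts
# and leftover "<SID>.bak" keys.
$pattern = '^' + [regex]::Escape($OldDomainSid) + '-\d+$'

$rows = foreach ($key in Get-ChildItem -Path $profileList) {
    $sid = $key.PSChildName
    if ($sid -notmatch $pattern) { continue }

    $path = (Get-ItemProperty -Path $key.PSPath).ProfileImagePath
    if (-not $path) { continue }

    # Assumption: the profile folder name equals the samAccountName.
    # Windows may append ".DOMAIN" or ".000" on a name collision, and a real
    # account name may itself contain a dot, so such rows are flagged for
    # manual review instead of being rewritten automatically.
    $leaf = Split-Path -Path $path -Leaf
    [pscustomobject]@{
        OldSid  = $sid
        Target  = "$NewDomain\$leaf"
        Review  = ($leaf -match '\.')
        Profile = $path
    }
}

# One "old SID,target account" pair per line (layout assumed, see lead-in).
@($rows) | ForEach-Object { '{0},{1}' -f $_.OldSid, $_.Target } |
    Set-Content -Path $OutFile

# Rows whose account name could not be derived with confidence.
@($rows) | Where-Object { $_.Review } | Format-Table OldSid, Target, Profile
```

The per-workstation files can be merged and de-duplicated once every machine has been covered; each target account has to exist in the new domain under the same samAccountName before the translation is run.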







