RE: SID Filtering

From: Rob (anonymous_at_discussions.microsoft.com)
Date: 09/01/04

Next message: ScottS: "Hardware needs for a Novell to Windows 2003 Migration"
Previous message: Gordon: "RE: migrate NT, Exchang5.5 to 2K3, Exchg2000"
In reply to: Rebecca Chen [MSFT]: "RE: SID Filtering"
Next in thread: Rebecca Chen [MSFT]: "RE: SID Filtering"
Reply: Rebecca Chen [MSFT]: "RE: SID Filtering"
Messages sorted by: [ date ] [ thread ]

Date: Wed, 1 Sep 2004 11:06:51 -0700

When i access resource in NT4 domain with migrated
account,migrated account will be presented with the SID of
NT4 domain. NT4 domain controller will not filter any SID
because there is no QuarantinedDomains registry key on the
PDC. I get access to all the resource with SID History.
why do i need to disable sid filtering on w2k3 domain
controller?

I DID NOT DISABLE SID FILTERING ON W2K3 DC, STILL i CAN
ACCESS ALL THE RESOURCES IN NT4 DOMAIN WITH THE MIGRATED
ACCOUNT.
>-----Original Message-----
>Hi Rob,
>
>Thanks for the update!
>
>Please disable SID filtering by using the netdom command
on win2k3 server.
>
>Quarantineddomains should not be created, this key should
be deleted. After
>issue netdom command on both server, please refer to the
following KB to
>make sure Quarantineddomains is deleted.
>
>Windows 2000 and Windows Server 2003 Setup Does Not
Succeed When You
>Upgrade from a Windows NT 4.0-Based Primary Domain
Controller
>http://support.microsoft.com/default.aspx?scid=kb;en-
us;811961
>
>further questions, let us get in touch!
>
>
>Best regards,
>
>Rebecca Chen
>
>MCSE2000 MCDBA CCNA
>
>
>Microsoft Online Partner Support
>Get Secure! - www.microsoft.com/security
>
>=====================================================
>
>When responding to posts, please "Reply to Group" via
your newsreader so
>that others may learn and benefit from your issue.
>
>=====================================================
>This posting is provided "AS IS" with no warranties, and
confers no rights.
>
>.
>

Next message: ScottS: "Hardware needs for a Novell to Windows 2003 Migration"
Previous message: Gordon: "RE: migrate NT, Exchang5.5 to 2K3, Exchg2000"
In reply to: Rebecca Chen [MSFT]: "RE: SID Filtering"
Next in thread: Rebecca Chen [MSFT]: "RE: SID Filtering"
Reply: Rebecca Chen [MSFT]: "RE: SID Filtering"
Messages sorted by: [ date ] [ thread ]

Relevant Pages

Re: ACLs and permissions viewed after Migrating from NT 4 domain... The twilight zone?
... And if I decomission the old NT4 domain this should ... (the little problem I have noticed is that if you give permissions to both ... > to the new w2k user's sid history. ... > it also checks the sid history when attempting to crack a sid to a user. ...
(microsoft.public.win2000.security)
Re: How to determine the SID of a Global Group
... Unfortunately I need the SID of a Global ... Group in and NT4 domain and not AD, so adfind is not going to help on this ... of scripting, to enumerate all the group SID's within a domain. ...
(microsoft.public.windows.server.general)
Re: SID Hitory Not Working after ADMT 3 Migration
... Have you disable SID filtering? ... Explication des liaisons entre Migration et filtrage Sid: ... Do not expire source account ...
(microsoft.public.windows.server.migration)
Re: Migrating accounts nt4 to 2k3 and SIDs
... netdom trust /quarantine ... I have a trust set up and I've turned off SID filtering. ... groups to resources in the NT4 domain. ...
(microsoft.public.windows.server.active_directory)
Error 15401 adding login to SQL Server
... I have a SAP Server running SQL2000 on Windows 2003. ... ADMT (with SID Migration for users) and everything seems ok. ... Now, after one month, I have to shut down the old NT4 domain and before ... Then I tried to create the new login from the Enterprise Manager. ...
(microsoft.public.sqlserver.security)