RE: Local Group memberships
From: Frances [MSFT] (v-franhe_at_microsoft.com)
Date: 03/03/05
- Next message: Bill Nitz: "Re: Image from DC to new hardware"
- Previous message: Stefan: "Image from DC to new hardware"
- In reply to: Panjwanis: "Local Group memberships"
- Messages sorted by: [ date ] [ thread ]
Date: Thu, 03 Mar 2005 13:29:13 GMT
Hello,
Good to hear from you.
According to your message, I understand you want to migrate builtin group
membership from NT to win2k3 domain.
Built-in accounts (such as Administrators, Users, and Power Users) cannot
be ADMT migration objects. Because built-in account SIDs are identical in
every domain, migrating these accounts to a target domain results in
duplicate SIDs in a single domain. Every SID in a forest must be unique.
If you want to add a user who is member of account operators in Windows NT
to the account operator group in windows 2003. You have two methods.
I assume the user is already migrated to win2k3 domain using ADMT user
migration wizard.
1. Manually add the user to the "account operator" group.
2. Using script.
1) Export the membership from NT domain to a .txt file.
Use Showmbrs to export the membership of group "server operators".
You will have the following formats:
Domain1\User1
Domain1\User2
2) Modify the .txt file to the format "dsmod group" desire.
Refer to the following article for the syntax of the command.
Dsmod group
http://www.microsoft.com/windowsxp/home/using/productdoc/en/default.asp?url=
/windowsxp/home/using/productdoc/en/dsmod_group.asp
You may have to write a script to get the desired format.
3) Use "dsmod group" to add the membership to "account operator" group.
Since script is not supported in the newsgroup, I just give you the idea to
achieve your goal. Hope this helps.
If you have any questions or concerns regarding this issue, please do not
hesitate to let me know.
Best regards,
Frances He
Microsoft Online Partner Support
Get Secure! - www.microsoft.com/security
=====================================================
When responding to posts, please "Reply to Group" via your newsreader so
that others may learn and benefit from your issue.
=====================================================
This posting is provided "AS IS" with no warranties, and confers no rights.
- Next message: Bill Nitz: "Re: Image from DC to new hardware"
- Previous message: Stefan: "Image from DC to new hardware"
- In reply to: Panjwanis: "Local Group memberships"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
