RE: Data Migration
- From: v-adapan@xxxxxxxxxxxxxxxxxxxx (Ada Pan [MSFT])
- Date: Tue, 18 Oct 2005 06:39:00 GMT
Hi Tony,
The former that the ACLs will be "olddomain\user" and the new domain users
access the files using SID history is correct.
If you want to replace NT ACLs with 2k3 ACLs, you can use SubInACL tool.
SubInACL is a command-line tool that enables administrators to obtain
security information about files, registry keys, and services, and transfer
this information from user to user, from local or global group to group,
and from domain to domain. To download Subinacl.exe, see"SubInACL
(SubInACL.exe)" on the Microsoft Web site at
http://go.microsoft.com/fwlink/?LinkId=23418.
For example, you can use the following command below.
Subinacl /subdirectories x:\directory\*.* /replace=oldsid=newsid
OR
subinacl /subdirectories x:\directory\*.* /replace=
NTDOMAIN\FILEUSERS=W2K3DOMAIN\FILEUSERS
For additional information about the syntax and usage of the Subinacl.exe
utility, type subinacl /help at the command line.
Using the Command Line to Edit Multiple Subdirectory Permissions
http://support.microsoft.com/kb/265360
Download details: SubInACL (SubInACL.exe)
http://www.microsoft.com/downloads/details.aspx?FamilyID=e8ba3e56-d8fe-4a91-
93cf-ed6985e3927b&displaylang=en
Hope it helps.
Regards,
Ada Pan
Microsoft Online Partner Support
Get Secure! - www.microsoft.com/security
=====================================================
When responding to posts, please "Reply to Group" via your newsreader so
that others may learn and benefit from your issue.
=====================================================
This posting is provided "AS IS" with no warranties, and confers no rights.
.
- Prev by Date: Re: computer and profile migration
- Next by Date: RE: ADMT v2 computer migration failure
- Previous by thread: Moveuser.exe "error 5 - access denied"
- Next by thread: RE: Data Migration
- Index(es):
Relevant Pages
|
