RE: How to use ADMT3?

Vincent,
The Tool is so cool, we will use it to assign sid to all the folders
Thank you very much for all the helps. Hong

"Vincent Xu [MSFT]" wrote:

Hi,

I think it will be troublesome if you have lots of clients because you have
to manually assign sid to all folders.

Check following tool:

<http://www.microsoft.com/downloads/details.aspx?FamilyID=e8ba3e56-d8fe-4a91
-93cf-ed6985e3927b&displaylang=en>

to manage the ACLs on folders.

Hope it helps.


Best regards,

Vincent Xu
Microsoft Online Partner Support

======================================================
Get Secure! - www.microsoft.com/security
======================================================
When responding to posts, please "Reply to Group" via your newsreader so
that others
may learn and benefit from this issue.
======================================================
This posting is provided "AS IS" with no warranties,and confers no rights.
======================================================



--------------------
Thread-Topic: How to use ADMT3?
thread-index: AcbFI89Kmec3sIsbTIiQmxk+g7V49Q==
X-WBNR-Posting-Host: 162.114.211.139
From: =?Utf-8?B?SG9uZw==?= <Hong@xxxxxxxxxxxxxxxxxxxxxxxxx>
References: <CEF1BA26-57EF-4C9F-A7D2-374459A5DB62@xxxxxxxxxxxxx>
<F79YDOOxGHA.5864@xxxxxxxxxxxxxxxxxxxxx>
Subject: RE: How to use ADMT3?
Date: Mon, 21 Aug 2006 06:15:01 -0700
Lines: 101
Message-ID: <F1FD35D3-15DA-4988-AA0B-3764D2D1D621@xxxxxxxxxxxxx>
MIME-Version: 1.0
Content-Type: text/plain;
charset="Utf-8"
Content-Transfer-Encoding: 7bit
X-Newsreader: Microsoft CDO for Windows 2000
Content-Class: urn:content-classes:message
Importance: normal
Priority: normal
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.1830
Newsgroups: microsoft.public.windows.server.migration
Path: TK2MSFTNGXA01.phx.gbl
Xref: TK2MSFTNGXA01.phx.gbl
microsoft.public.windows.server.migration:24861
NNTP-Posting-Host: TK2MSFTNGXA01.phx.gbl 10.40.2.250
X-Tomcat-NG: microsoft.public.windows.server.migration

Vincent,
Thank you so much for the information. But we can't migrate a new user
account anymore, it was a mess.
The email team migrated our user accounts to the new AD tree before the
network team migrate them, since the email only need the user account
itself,
so the email team did not migrate with SID history, did not perform
security
translation....., and they thought the network team then just migrate the
workstations. (And the original ADMT machine is gone forever now)
Any suggestion on our situation? how to perform workstations migration
with
sID histroy and user profile without user account migration? the arctical
for
"SID mapping file with the ADMT" sounds good, but I don't really
understand
how to do it, I don't know any VPscript at all, is any other resource out
there have more details? Many thanks in advance for any idea. Hong



"Vincent Xu [MSFT]" wrote:

Hi,

I'd like to suggest you perform security translation to associate the
profile with new user account.

835991 How to use a SID mapping file with the ADMT tool to perform a
resource domain migration to Windows Server 2003
http://support.microsoft.com/default.aspx?scid=kb;EN-US;835991



Best regards,

Vincent Xu
Microsoft Online Partner Support

======================================================

Get Secure! - www.microsoft.com/security
======================================================
When responding to posts, please "Reply to Group" via your newsreader
so
that others
may learn and benefit from this issue.
======================================================
This posting is provided "AS IS" with no warranties,and confers no
rights.
======================================================



--------------------
Thread-Topic: How to use ADMT3?
thread-index: AcbDF2Hn4DJUdahjS6mN66kbfsKD/w==
X-WBNR-Posting-Host: 74.129.127.213
From: =?Utf-8?B?SG9uZw==?= <Hong@xxxxxxxxxxxxxxxxxxxxxxxxx>
Subject: How to use ADMT3?
Date: Fri, 18 Aug 2006 15:41:02 -0700
Lines: 16
Message-ID: <CEF1BA26-57EF-4C9F-A7D2-374459A5DB62@xxxxxxxxxxxxx>
MIME-Version: 1.0
Content-Type: text/plain;
charset="Utf-8"
Content-Transfer-Encoding: 7bit
X-Newsreader: Microsoft CDO for Windows 2000
Content-Class: urn:content-classes:message
Importance: normal
Priority: normal
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.1830
Newsgroups: microsoft.public.windows.server.migration
Path: TK2MSFTNGXA01.phx.gbl
Xref: TK2MSFTNGXA01.phx.gbl
microsoft.public.windows.server.migration:24843
NNTP-Posting-Host: TK2MSFTNGXA01.phx.gbl 10.40.2.250
X-Tomcat-NG: microsoft.public.windows.server.migration

We will need to migrate our domain from NT4.0 to AD (in the same
forest)
and
we want to migrate with SID history and also the "local user
profiles".
The main problem is: we have the user accounts already in AD for
Email
only.
When we used ADMT2 to do the migration, it failed because the user
accounts
already in the AD (our email account is exactly the same as our
network
account), we don't want to rename any of them).
Then we try to use ADMT3 (steps: migrate Global group --> user
accounts,
we
checked box of "SID history.." --> translate local user profile, we
checked
box of "user profile" --> migrate workstations, we didn't check any
boxes
--> remigrat global group), it went through without any problem. But
when
we
login the new domain on the workstation, (it re-create another
profile)we
lost all our setting - desktop, shortcuts, printer, access to the old
domain
resource.... Anyway, it did not migrated with SID history and the
user
profile did not get translated. Is any one there know what did we do
wrong on
the ADMT3? is anyone there have any idea? is any one there know the
step
by
step how to use ADMT3? any advise will be greatly appreciated. Hong






.

Relevant Pages

  • RE: Data migration without trusts
    ... Each user account has a unique SID, and the NTFS authorization is based ... which mainly consists of SID ... not their SIDs directly when viewing the NTFS permissions? ... In addition, as for user profile, the USFT (User State Migration Tool) is ...
    (microsoft.public.windows.server.migration)
  • RE: How to use ADMT3?
    ... to manually assign sid to all folders. ... Xref: TK2MSFTNGXA01.phx.gbl ... since the email only need the user account ... resource domain migration to Windows Server 2003 ...
    (microsoft.public.windows.server.migration)
  • Freeze post MA (was Re: Best/Easiest Migration to New Mac)
    ... the new Mac. ... Can I just copy the contents of the folders within each of our User ... I used Migration Assistant for transferring our user accounts to our new ... My wife's user account from her Leopard PB G4 worked fine. ...
    (comp.sys.mac.system)
  • Re: Domain Migration and Logins
    ... I dont know how migration works, but my guess is that the new account ... stored in its DB (like login name and its corresponding SID). ... I didnt understand your last part "Current Activity tab on SQL Server 7.0 ... DBA User account is migrated to domain ...
    (microsoft.public.sqlserver.security)
  • SID remains on data after user is deleted
    ... rights are stamped on the NTFS permissions of files and folders, the SID ... remains after the user account is deleted. ...
    (microsoft.public.windows.file_system)
Loading