Solved

Convert Resource Domain to User Domain ?

Posted on 1997-08-08
7
264 Views
Last Modified: 2013-12-19
DomainA is a Resource Domain(RD) and DomainB used to
be the Master Doman(MD).  Now DomB is going away, so DomA is its own user domain.  I've to recreate all the users in DomA.
But, my resource permissions is DomA used to be from MD. It means, permissions are set for DomB\UserX or DomB\GroupX.  Now, I have to re-apply all the permissions back from DomB\UserX to just UserX.  Luckily 90% of my permissions are Group based, so all I have to do is to re-define the local group memberships.  But, in some cases, there are explicit out of domain references.  How should I find where these are ? and change the references.
I tried to use, SHOWACLS, SHOWMBRS etc.. from RKit but they don't work properly for wildcards !  I am thinking of
manually go through directories and check for permissions which might take a century by the time I am done.

Any easy solution to this?  If so, please let me know.  I am in desperate need.  Thank you.

Srini.
0
Comment
Question by:snimmaga
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
7 Comments
 
LVL 5

Accepted Solution

by:
y96andha earned 70 total points
ID: 1563092
Use
 CACLS *.* /T >filename.txt
and then search the resulting textfile for references to the old domain name.

If you really have lots of permissions to change, it might be faster to write a program for it, but as I understand it, there are not many places to change, just many places to look in that might need to be changed?
0
 
LVL 5

Author Comment

by:snimmaga
ID: 1563093
Thank you, though the answer gives me a direction to look into, I was expecting a more detailed easier way.
ThanX again..
0
 
LVL 5

Expert Comment

by:y96andha
ID: 1563094
Do you need to search anything else than files?
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 5

Author Comment

by:snimmaga
ID: 1563095
Actually, there is a global group from the Master User domain which has permissions (varying) on all the directories in the Resource domain.  Now, after I drop the Trust, I need to create a local group with the same members in the RD and replace the original Group with this new local group in all the acls.
This is just one example.  There are other scenarios similar to this.  Now, I should list all the directories which are referencing the old Global group and make changes to those directories, alone.  OR I should replace everywhere in my RD, the old group with the new group.  
What happens, if it is a single user from a different domain who has permissions set on a resource in the RD?  How many scenarios do I have?  I don't know.  I have to study.  It looks quite tedious to me and am wondering if there any 3rd party tools or something which can help make things easier.
Thank you for your continued interest.
Srini.
0
 
LVL 5

Expert Comment

by:y96andha
ID: 1563096
Well, using cacls *.* /t will at least show you what you are dealing with. If you are lucky, you'll only find a few references to the domain name in this file.

If you find there are too many, maybe it would be possible to write some kind of program. It very much depends on how many different changes need to be made, only replacing one group with an other is simple.
0
 
LVL 5

Author Comment

by:snimmaga
ID: 1563097
Thank you, I will look into this.  I need some time to evaluate my options.  I will let you know, once I find an easy way out.

Thanks again.
Srini.
If you want me to e-mail to you in future, please send me you e-mail.  My email is, snimmaga@ford.com

0
 
LVL 5

Author Comment

by:snimmaga
ID: 1563098
Thank you, I will look into this.  I need some time to evaluate my options.  I will let you know, once I find an easy way out.

Thanks again.
Srini.
If you want me to e-mail to you in future, please send me you e-mail.  My email is, snimmaga@ford.com

0

Featured Post

Get 15 Days FREE Full-Featured Trial

Benefit from a mission critical IT monitoring with Monitis Premium or get it FREE for your entry level monitoring needs.
-Over 200,000 users
-More than 300,000 websites monitored
-Used in 197 countries
-Recommended by 98% of users

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Nslookup is a command line driven utility supplied as part of most Windows operating systems that can reveal information related to domain names and the Internet Protocol (IP) addresses associated with them. In simple terms, it is a tool that can …
We recently endured a series of broadcast storms that caused our ISP to shut us down for brief periods of time. After going through a multitude of tests, we determined that the issue was related to Intel NIC drivers on some new HP desktop computers …
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…
In this video you will find out how to export Office 365 mailboxes using the built in eDiscovery tool. Bear in mind that although this method might be useful in some cases, using PST files as Office 365 backup is troublesome in a long run (more on t…
Suggested Courses

622 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question