Solved

Convert Resource Domain to User Domain ?

Posted on 1997-08-08
7
252 Views
Last Modified: 2013-12-19
DomainA is a Resource Domain(RD) and DomainB used to
be the Master Doman(MD).  Now DomB is going away, so DomA is its own user domain.  I've to recreate all the users in DomA.
But, my resource permissions is DomA used to be from MD. It means, permissions are set for DomB\UserX or DomB\GroupX.  Now, I have to re-apply all the permissions back from DomB\UserX to just UserX.  Luckily 90% of my permissions are Group based, so all I have to do is to re-define the local group memberships.  But, in some cases, there are explicit out of domain references.  How should I find where these are ? and change the references.
I tried to use, SHOWACLS, SHOWMBRS etc.. from RKit but they don't work properly for wildcards !  I am thinking of
manually go through directories and check for permissions which might take a century by the time I am done.

Any easy solution to this?  If so, please let me know.  I am in desperate need.  Thank you.

Srini.
0
Comment
Question by:snimmaga
  • 4
  • 3
7 Comments
 
LVL 5

Accepted Solution

by:
y96andha earned 70 total points
ID: 1563092
Use
 CACLS *.* /T >filename.txt
and then search the resulting textfile for references to the old domain name.

If you really have lots of permissions to change, it might be faster to write a program for it, but as I understand it, there are not many places to change, just many places to look in that might need to be changed?
0
 
LVL 5

Author Comment

by:snimmaga
ID: 1563093
Thank you, though the answer gives me a direction to look into, I was expecting a more detailed easier way.
ThanX again..
0
 
LVL 5

Expert Comment

by:y96andha
ID: 1563094
Do you need to search anything else than files?
0
Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

 
LVL 5

Author Comment

by:snimmaga
ID: 1563095
Actually, there is a global group from the Master User domain which has permissions (varying) on all the directories in the Resource domain.  Now, after I drop the Trust, I need to create a local group with the same members in the RD and replace the original Group with this new local group in all the acls.
This is just one example.  There are other scenarios similar to this.  Now, I should list all the directories which are referencing the old Global group and make changes to those directories, alone.  OR I should replace everywhere in my RD, the old group with the new group.  
What happens, if it is a single user from a different domain who has permissions set on a resource in the RD?  How many scenarios do I have?  I don't know.  I have to study.  It looks quite tedious to me and am wondering if there any 3rd party tools or something which can help make things easier.
Thank you for your continued interest.
Srini.
0
 
LVL 5

Expert Comment

by:y96andha
ID: 1563096
Well, using cacls *.* /t will at least show you what you are dealing with. If you are lucky, you'll only find a few references to the domain name in this file.

If you find there are too many, maybe it would be possible to write some kind of program. It very much depends on how many different changes need to be made, only replacing one group with an other is simple.
0
 
LVL 5

Author Comment

by:snimmaga
ID: 1563097
Thank you, I will look into this.  I need some time to evaluate my options.  I will let you know, once I find an easy way out.

Thanks again.
Srini.
If you want me to e-mail to you in future, please send me you e-mail.  My email is, snimmaga@ford.com

0
 
LVL 5

Author Comment

by:snimmaga
ID: 1563098
Thank you, I will look into this.  I need some time to evaluate my options.  I will let you know, once I find an easy way out.

Thanks again.
Srini.
If you want me to e-mail to you in future, please send me you e-mail.  My email is, snimmaga@ford.com

0

Featured Post

What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
USB on Hyper-V VM Server 2012R2 13 103
Configure File History in Windows 10 Pro 13 99
Group Policy Issue Filtering Streaming Video 7 76
Network Switch Connections 8 60
This article is in response to a question (http://www.experts-exchange.com/Networking/Network_Management/Network_Analysis/Q_28230497.html) here at Experts Exchange. The Original Poster (OP) requires a utility that will accept a list of IP addresses …
An article on effective troubleshooting
This Micro Tutorial will give you a basic overview how to record your screen with Microsoft Expression Encoder. This program is still free and open for the public to download. This will be demonstrated using Microsoft Expression Encoder 4.
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

772 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question