Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 272
  • Last Modified:

Convert Resource Domain to User Domain ?

DomainA is a Resource Domain(RD) and DomainB used to
be the Master Doman(MD).  Now DomB is going away, so DomA is its own user domain.  I've to recreate all the users in DomA.
But, my resource permissions is DomA used to be from MD. It means, permissions are set for DomB\UserX or DomB\GroupX.  Now, I have to re-apply all the permissions back from DomB\UserX to just UserX.  Luckily 90% of my permissions are Group based, so all I have to do is to re-define the local group memberships.  But, in some cases, there are explicit out of domain references.  How should I find where these are ? and change the references.
I tried to use, SHOWACLS, SHOWMBRS etc.. from RKit but they don't work properly for wildcards !  I am thinking of
manually go through directories and check for permissions which might take a century by the time I am done.

Any easy solution to this?  If so, please let me know.  I am in desperate need.  Thank you.

Srini.
0
snimmaga
Asked:
snimmaga
  • 4
  • 3
1 Solution
 
y96andhaCommented:
Use
 CACLS *.* /T >filename.txt
and then search the resulting textfile for references to the old domain name.

If you really have lots of permissions to change, it might be faster to write a program for it, but as I understand it, there are not many places to change, just many places to look in that might need to be changed?
0
 
snimmagaAuthor Commented:
Thank you, though the answer gives me a direction to look into, I was expecting a more detailed easier way.
ThanX again..
0
 
y96andhaCommented:
Do you need to search anything else than files?
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
snimmagaAuthor Commented:
Actually, there is a global group from the Master User domain which has permissions (varying) on all the directories in the Resource domain.  Now, after I drop the Trust, I need to create a local group with the same members in the RD and replace the original Group with this new local group in all the acls.
This is just one example.  There are other scenarios similar to this.  Now, I should list all the directories which are referencing the old Global group and make changes to those directories, alone.  OR I should replace everywhere in my RD, the old group with the new group.  
What happens, if it is a single user from a different domain who has permissions set on a resource in the RD?  How many scenarios do I have?  I don't know.  I have to study.  It looks quite tedious to me and am wondering if there any 3rd party tools or something which can help make things easier.
Thank you for your continued interest.
Srini.
0
 
y96andhaCommented:
Well, using cacls *.* /t will at least show you what you are dealing with. If you are lucky, you'll only find a few references to the domain name in this file.

If you find there are too many, maybe it would be possible to write some kind of program. It very much depends on how many different changes need to be made, only replacing one group with an other is simple.
0
 
snimmagaAuthor Commented:
Thank you, I will look into this.  I need some time to evaluate my options.  I will let you know, once I find an easy way out.

Thanks again.
Srini.
If you want me to e-mail to you in future, please send me you e-mail.  My email is, snimmaga@ford.com

0
 
snimmagaAuthor Commented:
Thank you, I will look into this.  I need some time to evaluate my options.  I will let you know, once I find an easy way out.

Thanks again.
Srini.
If you want me to e-mail to you in future, please send me you e-mail.  My email is, snimmaga@ford.com

0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

  • 4
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now