Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

Windows 2000 to 2003 Migration, SID History was used but migrated accounts are gettting Access Denied to resources.

Posted on 2006-06-19
3
859 Views
Last Modified: 2012-06-22
Windows 2000 to 2003 Migration, SID History was used but migrated accounts are gettting Access Denied to resources.
I verified that the SID Hitory attribute on the new domain account as the correct SID from the old.
I simply tried to access some sharred folders and get Access Denied.
As a test I manulyy added the users new 2003 account to the permissions on the shared resoures in the old domain and that works, which shows that the SID History is not being checked?

Help

Thanks
Ian
0
Comment
Question by:strathit
  • 2
3 Comments
 
LVL 70

Accepted Solution

by:
Chris Dent earned 500 total points
ID: 16937520

Hi Ian,

Did you disable SID Filtering on the Trust relationship between the old and new domain? If not the permissions will not work between the domains.

If you do need to disable it follow this little MS piece:

http://technet2.microsoft.com/WindowsServer/en/Library/01e5cf71-b317-4967-82a2-75b7b632b7461033.mspx?mfr=true

Chris
0
 

Author Comment

by:strathit
ID: 16943545
THANK-YOU....!!!!  I wish we could assign more points!
0
 
LVL 70

Expert Comment

by:Chris Dent
ID: 16943575

Pleasure, glad it helped :)

Chris
0

Featured Post

Three Reasons Why Backup is Strategic

Backup is strategic to your business because your data is strategic to your business. Without backup, your business will fail. This white paper explains why it is vital for you to design and immediately execute a backup strategy to protect 100 percent of your data.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

by Batuhan Cetin In this article I will be guiding through the process of removing a failed DC metadata from Active Directory (hereafter, AD) using the ntdsutil tool in a Windows Server 2003 environment. These steps are not necessary in a Win…
Recently, I had the need to build a standalone system to run a point-of-sale system. I’m running this on a low-voltage Atom processor, so I wanted a light-weight operating system, but still needed Windows. I chose to use Microsoft Windows Server 200…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

790 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question