We help IT Professionals succeed at work.

Migrate local groups from a standalone server to a DC

I am trying to find a method of migrating users and groups from a Standalone Windows 2000 Server to a 2003 Domain controller, taking the permissions but not the data, can somebody help?
Comment
Watch Question

You cannot do this directly.  The SIDs are not compatible.

However, you can use the SIDWalker tools to help to adjust existing ACLs to point to new users/groups.

See http://technet2.microsoft.com/windowsserver/en/library/81e8939d-d58b-4451-958d-6f39ff5ae5541033.mspx?mfr=true

Author

Commented:
I will try that thnaks for the quick answer
You're welcome.  So the steps are:

1.  Create and populate corresponding groups in Active Directory.  Your users will need to wait for replication and then log out and back in to be members of the new groups.

2.  Use the showaccs tool to see what groups have permissions assigned and where those assignments have been made.  It can also generate a map file that can be adjusted for use with sidwalker

3.  Use the sidwalker tool to change permissions in a test mode

4.  When you are confident, use sidwalker normally to make the changes

5.  Use the showaccs tool to see the end results

Explore More ContentExplore courses, solutions, and other research materials related to this topic.