About to break trust between NT4 domain and AD domain, need to find way to automatically change all ntfs permissions
Posted on 2008-06-24
We have an old NT4 domain (domain1) that we are about to shut down. We have a new AD domain (domain2). There is a trust setup between the two domains. We have thousands of folders and files throughout the new AD domain, that, when their security permissions are viewed, only have permissions for groups and users related to the old domain. For example, the security tab properties on a folder in the new AD domain may show domain1\jsmith or domain1\domain admins. I am afraid that when I end the trust and shutdown the old domain that thousands of network resources will become unavailable because of this.
Is there a 3rd party utility or a tool in Server2003 that will scan all network files/folders and either add the appropriate permissions for each item or modify the permissions that exist. All of the users & groups were replicated over to the new domain so they all exist, however most of the folder structure was created prior to the new domain being created so most of the security permissions are relevant to that domain.
I need some advice on how best to handle this. I can't possibly manually update each and every folder. Thanks.