How to migrate a Windows 2003 file server to another domain?

Hi,

I have a Windows 2003 file server from DomainA and I want to move it into DomainB. What is the proceadure for doing  that to make sure that all folders and files securities will follow?
LVL 1
SAM2009Asked:
Who is Participating?

Improve company productivity with a Business Account.Sign Up

x
 
holthdConnect With a Mentor Commented:
There are no ways of migrating a server and retaining the filesystem NTFS permissions (usable) to my knowledge. There are several ways to get keep the permissions but unless you have a 1:1 copy of the Active Directory securtiy groups and users in domain A and B they'll be no good to you.
All objects in Active Directory have a SID which is unique and is the actual reference used when performing lookups from the fileserver to the domain. To maintain the SIDs of the objects you must have a copy of all the users and/or security groups that has been granted access to the filesystem in Domain A in Domain B. It does not help to give the objects an identical name and put them in the identical containers.
I recommend you use XCACLS.vbs (Microsoft, free) to export all permissions to a text file and re-establish the filesystem ACL's in Domain B.

-Daniel  
0
 
Lee W, MVPTechnology and Business Process AdvisorCommented:
If there is a trust between the domains then the NTFS permissions should remain in-tact (TEST FIRST).
0
Get 10% Off Your First Squarespace Website

Ready to showcase your work, publish content or promote your business online? With Squarespace’s award-winning templates and 24/7 customer service, getting started is simple. Head to Squarespace.com and use offer code ‘EXPERTS’ to get 10% off your first purchase.

 
pedronriveraConnect With a Mentor Commented:
For migrations I use admt which will migrate users groups and computer accounts.  Do some research on the active directory migration tool.
0
 
SAM2009Author Commented:
The trust is activated between both domains. Whatd does it work with fsmigrate? Does it keep the security grp and users?
0
 
Lee W, MVPTechnology and Business Process AdvisorCommented:
If there's a trust, then the GUIDs (which are NOT removed) can be looked up and security should apply properly.
0
 
holthdCommented:
Keep in mind that once you remove the trust or the DC's in the trusted domain becomes unavailable ACL lookups on this server cannot be performed any longer. Hence rendering files and folders inaccessible.
If the trust is used in a transition period you'll have to look at AD migration or another solution.
0
 
SAM2009Author Commented:
Ya trust will be deactivated cuz the purpose is to get just one domain at the end.
0
 
SAM2009Author Commented:
Thank you for all your suggestions!
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.