Solved

Moving data across domain's without trust's

Posted on 2011-09-28
3
473 Views
Last Modified: 2012-05-12
Hi,

I am looking to move data from 1 domain to another without the use of domain trust's but with the ability to keep the ACL's. I have had a look around and it looks like the subinACL tool might be the tool I am after however having never used the tool before I was looking for the experts to point me in the right direction either with this tool or another?

With subinACL what I was hoping it would do is allow me to merge the old SID with the new SID providing I keep the same username?

Thanks,
0
Comment
Question by:martin05
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 18

Expert Comment

by:x-men
ID: 36718048
"SubInACL is a command-line tool that enables administrators to obtain security information about files, registry keys, and services, and transfer this information from user to user, from local or global group to group, and from domain to domain. For example, if a user has moved from one domain (DomainA) to another (DomainB), the administrator can replace DomainA\User with DomainB\User in the security information for the user's files. This gives the user access to the same files from the new domain."

in http://www.microsoft.com/download/en/details.aspx?displaylang=en&id=23510
0
 

Author Comment

by:martin05
ID: 36813331
Hi X-men,

Have you had experience with this tool?
Would it just be a case of use robocopy to copy the data ensuring it takes the ACL info, once across in the new domain & providing we keep the same group names and usernames run a subinACL command like - subinacl /replace=DOMAIN1\SALES=DOMAIN2\SALES

Thanks


0
 
LVL 18

Accepted Solution

by:
x-men earned 500 total points
ID: 36813534
I have no experience with the tool, but that's what it sais it does. test it with one file / user ans see for your self.
0

Featured Post

Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article describes my battle tested process for setting up delegation. I use this process anywhere that I need to setup delegation. In the article I will show how it applies to Active Directory
A company’s centralized system that manages user data, security, and distributed resources is often a focus of criminal attention. Active Directory (AD) is no exception. In truth, it’s even more likely to be targeted due to the number of companies …
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…

688 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question