Solved

Moving data across domain's without trust's

Posted on 2011-09-28
3
471 Views
Last Modified: 2012-05-12
Hi,

I am looking to move data from 1 domain to another without the use of domain trust's but with the ability to keep the ACL's. I have had a look around and it looks like the subinACL tool might be the tool I am after however having never used the tool before I was looking for the experts to point me in the right direction either with this tool or another?

With subinACL what I was hoping it would do is allow me to merge the old SID with the new SID providing I keep the same username?

Thanks,
0
Comment
Question by:martin05
  • 2
3 Comments
 
LVL 18

Expert Comment

by:x-men
ID: 36718048
"SubInACL is a command-line tool that enables administrators to obtain security information about files, registry keys, and services, and transfer this information from user to user, from local or global group to group, and from domain to domain. For example, if a user has moved from one domain (DomainA) to another (DomainB), the administrator can replace DomainA\User with DomainB\User in the security information for the user's files. This gives the user access to the same files from the new domain."

in http://www.microsoft.com/download/en/details.aspx?displaylang=en&id=23510
0
 

Author Comment

by:martin05
ID: 36813331
Hi X-men,

Have you had experience with this tool?
Would it just be a case of use robocopy to copy the data ensuring it takes the ACL info, once across in the new domain & providing we keep the same group names and usernames run a subinACL command like - subinacl /replace=DOMAIN1\SALES=DOMAIN2\SALES

Thanks


0
 
LVL 18

Accepted Solution

by:
x-men earned 500 total points
ID: 36813534
I have no experience with the tool, but that's what it sais it does. test it with one file / user ans see for your self.
0

Featured Post

Is Your AD Toolbox Looking More Like a Toybox?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This script can help you clean up your user profile database by comparing profiles to Active Directory users in a particular OU, and removing the profiles that don't match.
This article explains the steps required to use the default Photos screensaver to display branding/corporate images
Windows 8 came with a dramatically different user interface known as Metro. Notably missing from that interface was a Start button and Start Menu. Microsoft responded to negative user feedback of the Metro interface, bringing back the Start button a…
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …

726 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question