• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 889
  • Last Modified:

How to copy data between Windows domains?

Hi Experts,

I am trying to copy files between two domains. Both domains/networks are connected with a router. I can ping and connect remotely.

Domain A: Windows 2003 Server at 10.0.0.x
Domain B: Windows 2011 SBS at 10.0.1.x

How do I make the following work?

net use B: \\10.0.1.10\Data
xcopy C:\ServerA_Data\*.* B:\

The first command fails with "Logon failure: account currently disabled."

What needs to be done for users in domain B to be able to have write access to the files copied over?

Thank you for any help...
0
sonetinc
Asked:
sonetinc
  • 6
  • 5
  • 4
1 Solution
 
Suliman Abu KharroubIT Consultant Commented:
You need to configure a trust relationship between the two domains.

Domain A must trust domain B in order to grant users in domain B access to shares in domain A.
0
 
Suliman Abu KharroubIT Consultant Commented:
If you dont want to implement the trust between domains, just logon to the shared folder by providing a valid credentials in domain B prior to copy the files.

when you try to open the share as \\server_ip, it should ask you for credentials.
0
 
Suliman Abu KharroubIT Consultant Commented:
0
 [eBook] Windows Nano Server

Download this FREE eBook and learn all you need to get started with Windows Nano Server, including deployment options, remote management
and troubleshooting tips and tricks

 
sonetincAuthor Commented:
This should be handled within a batch file. I don't want to store passwords in it. What type of trust do I need to setup? Do I set it up on both servers?
0
 
Suliman Abu KharroubIT Consultant Commented:
You can create a normal user account in domain B to store its password instead of using your own password.

its more easier than the trust configuration. for trust you need to configure DNS and AD on both domains.

If you want to use the trust method here is a link

http://technet.microsoft.com/en-us/library/cc740018(v=ws.10).aspx
0
 
Rob WilliamsCommented:
One of the limitations of SBS is it will not support domain trusts. You will need to map the drive with the appropriate credentials:
net use B: \\10.0.1.10\Data  password  /USER:[OtherDomainName\username]
xcopy C:\ServerA_Data\*.* B:\

Unfortunately it means saving passwords in clear text.
0
 
sonetincAuthor Commented:
I'm afraid that the user option is not going to work. I've created the user on the destination server B. Granted him full access to all directories/files with:

cacls d:\data\* /E /T /C /G "sync-user":F

Open in new window

For the copy/sync I am using robocopy:

@ECHO OFF
echo Start at %date% %time%
::http://www.ss64.com/nt/robocopy.html
SETLOCAL
SET _source=\\ServerA\Data
SET _dest=\\ServerB\Data
net use S: %_dest% pass /user:sync-user
SET _what=/COPYALL /B /SEC /MIR
:: /COPYALL :: COPY ALL file info
:: /B :: copy files in Backup mode. 
:: /SEC :: copy files with SECurity
:: /MIR :: MIRror a directory tree 
SET _options=/R:0 /W:0 /LOG:Sync.log
:: /R:n :: number of Retries
:: /W:n :: Wait time between retries
:: /LOG :: Output log file
:: /NFL :: No file logging
:: /NDL :: No dir logging
ROBOCOPY %_source% S:\ %_what% %_options%
net use S: /delete
echo Completed at %date% %time%

Open in new window

With the sec parameter I am getting the following errors:
      0      \\ServerA\Data\
2012/08/10 21:58:52 ERROR 5 (0x00000005) Copying NTFS Security to Destination Directory \\ServerA\Data\
Access is denied.

Without the security parameter:
          New File                101067      file.dat
2012/08/10 22:27:58 ERROR 1314 (0x00000522) Copying NTFS Security to Destination Directory \\ServerA\Data\file.dat
A required privilege is not held by the client.

Is there a way to get around this problem? I would prefer to maintain the NTFS permissions.

I've the DNS working on both sides. Which type of trust do I need to setup to make the above work?
0
 
sonetincAuthor Commented:
My plan is to add the server B admin to the server A's data NTFS permissions... but first I will need the trust. Is there any better/more efficient option?
0
 
Rob WilliamsCommented:
As mentioned SBS will not support a trust relationship.
SBS has 3 key limitations:
-a maximum of 75 users or devices
-it must be a DC, and retain all FSMO roles
-cannot support domains trusts.
http://social.technet.microsoft.com/wiki/contents/articles/1906.i-overview-of-sbs-2011.aspx
0
 
sonetincAuthor Commented:
Coming to back to my original problem: how to transfer the data from A to B?
0
 
Rob WilliamsCommented:
You will need to provide credentials when the connection is made, thus the recommendation of:
net use B: \\10.0.1.10\Data  password  /USER:[OtherDomainName\username]
The other option might be to use 3rd party sync software like Second Copy  http://www.secondcopy.com/
0
 
Suliman Abu KharroubIT Consultant Commented:
another third party option is all way sync:

http://allwaysync.com/
0
 
sonetincAuthor Commented:
I was able to establish the trust without any issues so far.
0
 
Rob WilliamsCommented:
How did you establish a trust?  This is not possible with any version of SBS.
0
 
sonetincAuthor Commented:
Solved the problem by myself.
0

Featured Post

Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

  • 6
  • 5
  • 4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now