Solved

SetACL: Obtain Permissions from AD Folder Share?

Posted on 2013-06-06
3
452 Views
Last Modified: 2013-06-20
I have a folder structure like this:

Share > Departments x20 Subfolders

I'm migrating the File Share over to another offsite File server that's not part of the domain, and they want to recreate the security groups etc. The department folders all have security groups and users assigned to them as to who can access them.

I've been told that SetACL Command line version is a great took to obtain this information. Does anyone know of the commands or scripts used for this that I send this info down to the offsite team?

Thanks!
0
Comment
Question by:Pancake_Effect
3 Comments
 
LVL 78

Assisted Solution

by:David Johnson, CD, MVP
David Johnson, CD, MVP earned 250 total points
ID: 39229598
You could use robocopy to copy over the files retaining their security.   The problem is that acl's work on SID's not usernames and a new workgroup server will (a) need to have these groups as well and that the SID's will be different.. What you could do is image the source (older) server, install onto the new hardware and then restore onto the new server and then unplug the older server and start using the new server. Using a domain mitigates this problem. The pre-existing SID's that you want to copy over using SETACL will be unknown on the new computer.
0
 
LVL 22

Accepted Solution

by:
eeRoot earned 250 total points
ID: 39232098
Matching the name won't work because the name is just a text label.  The underlying SID is what is used for security authentication.  The only secure options would be to set up a trust to this server or make it a ready only domain controller.
0
 
LVL 4

Author Closing Comment

by:Pancake_Effect
ID: 39262761
Thanks, because of this, we simply just manually recreated everything. Didn't take to long. But I just wanted to make sure we didn't have any other options, which we didn't(didn't want to add a trust)
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

PRTG Network Monitor lets you monitor your bandwidth usage, so you know who is using up your bandwidth, and what they're using it for.
In this article, you will read about the trends across the human resources departments for the upcoming year. Some of them include improving employee experience, adopting new technologies, using HR software to its full extent, and integrating artifi…
This tutorial will walk an individual through the steps necessary to enable the VMware\Hyper-V licensed feature of Backup Exec 2012. In addition, how to add a VMware server and configure a backup job. The first step is to acquire the necessary licen…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now