• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 533
  • Last Modified:

Preserving NTFS file permissions during server 2003 upgrade

Soon I will be upgrading my 2003 server. I have two 2003 servers and both are domain controllers.

The plan is to erase the first 2003 server and do a clean install of 2012. This server has a D: Drive that contains users folders and shared directories. I am concerned about the NTFS permissions of the files. I'm not concerned about the share level permissions as those will need to be re-created.

Upon promoting the new server to the network, I'm hoping I can migrate the active directory information from the other domain controller to the new server.

Assuming all the above is possible, I am interested what will happen to the file permissions on the D: drive. I was told they will be lost and I will manually re-create them.

Is this true? If so, is there anyway I can preserve these permissions to avoid the task of re-creating everything?
0
JohnMan777
Asked:
JohnMan777
1 Solution
 
Santosh GuptaCommented:
Hi,

if you are planing to clean installation of 2003 server and then you will install 2012. so obviously you are again adding this server to domain. (as 2012 will again DC) so you will NOT lost the security settings.
0
 
MaheshArchitectCommented:
As long as you are not formatting D drive (By keeping D drive intact and just format C: drive, your drive will retain all permissions in the form of security identifier
Because after replacing OS, server will be part of workgroup and then its not possible to interpret existing NTFS permissions in readable format.
After installation of new OS when you will join that server to domain again as member server, you will be able to see all NTFS permissions correctly

Only you will lose all Shares along with Sysvol and netlogon
There is one alternative for that

Point your server to be demoted to another DC 1st in DNS properties
Reboot the server once
Demote server gracefully to member server
This will remove Sysvol and netlogon shares but other shares remains intact
Then export shares registry at below location
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanServer\Shares]
Then format server C: drive with 2012 OS
Add it as a member server in existing domain
Restore exported shares registry key so that all share folder will be restored with share permissions and NTFS perms are already there
Then promote server as ADC in existing domain
Hopefully this will go smoothly

Mahesh.
0
 
JohnMan777Author Commented:
Excellent advice. Thank you especially for the section on preserving the shares.
0

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now