Admin
asked on
Migrate Windows File Share Permission
Hi, I have a question on how to migrate the FileShare Permission from existing Domain A to new Domain B without any domain trust? Is this possible? Currently, I have a Primary File Server that hosts all the corporate files and we are planning to move into the new domain environment. But the challenges foresee on the File Share Permission. Do I need the migration toolkit such as ADMT? Robocopy? SecureCopy? to assist my file-share permission? The new domain environment will have the new user account created based on same username from the existing domain, but the objective here also is to preserve the same file-permission with the same existing user without any pain & lengthy process.
TQVM in advance for any expert advice here.
TQVM in advance for any expert advice here.
Yes it is POSSIBLE, but kinda pointless.
Permissions are added to files using GUIDs, which are mapped to user names via AD. Since you are moving to a new domain, it will not understand these, all you will see if you look at the file permissions is a series of meaningless alphanumeric characters. Having identical user names will not help.
XCOPY can copy the security info over if you use the /O parameter, if you copy between NTFS formatted volumes.
Permissions are added to files using GUIDs, which are mapped to user names via AD. Since you are moving to a new domain, it will not understand these, all you will see if you look at the file permissions is a series of meaningless alphanumeric characters. Having identical user names will not help.
XCOPY can copy the security info over if you use the /O parameter, if you copy between NTFS formatted volumes.
HKEY_LOCAL_MACHINE\SYSTEM\ CurrentCon trolSet\Se rvices\Lan manServer\ Shares key... That's what you need.
Export the "Shares" key, edit if it's necessary and import to a new location.
Export the "Shares" key, edit if it's necessary and import to a new location.
SetACL.exe with a domain replace flag. I have used it before
https://helgeklein.com/blog/2012/07/howto-reacling-a-file-server-in-a-domain-migration-with-setacl-3-0/
https://helgeklein.com/blog/2012/07/howto-reacling-a-file-server-in-a-domain-migration-with-setacl-3-0/
This question needs an answer!
Become an EE member today
7 DAY FREE TRIALMembers can start a 7-Day Free trial then enjoy unlimited access to the platform.
View membership options
or
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
I believe you need ADMT.
Personally I would try to avoid moving to a new domain.