When you move files between domain members, and local permissions exist, the recipient member
will not be able to resolve the sending members local group and user permissions.
To workaround the difficulty, make sure that a domain Global group or domain user has Full Control of the files/folders, or you will loose access. Using tools from the Resource Kit and supplements, use:
GetSID \\SendingServer SendingLocalGroup \\ReceivingServer ReceivingLocalGroup >SIDs.TXT
When you inspect the SIDs.TXT file:
The SID for account SendingServer\LocalGroup1 does not match account ReceivingServer\LocalGroup1 The SID for account SendingServer\LocalGroup1 is S-1-5-21-123538420-358423456-7473742-1001 The SID for account ReceivingServer\LocalGroup1 is S-1-5-21-456131457-352918789-1170935872-1007Using SCOPY, or ROBOCOPY from Supplement 4, copy the files and permissions.
You will notice that the local permissions on ReceivingServer\LocalGroup1 are UNKOWN.
Use SubInAcl to replace the unknown permissions:
subinacl /subdirectories <Drive:>\Folder\*.* /replace=S-1-5-21-456131457-352918789-1170935872-1007=S-1-5-21-123538420-358423456-7473742-1001
0 comments
Hide comments