No announcement yet.

Obtaining a "safe" test copy of the SAM DB

  • Filter
  • Time
  • Show
Clear All
new posts

  • Obtaining a "safe" test copy of the SAM DB

    We have someone looking at testing AD with NT in a separate test environment. Rather than go through all the work of setting up hundreds of users and groups we were thinking about getting a safe copy of the SAM DB. We planned to do this by bringing in another BDC, sync'ing the DB and then removing it. Then putting into another domain, promoting to PDC and then changing passwords and changing some of the more "lethal" accounts.

    However, I know that NT will stop us moving a BDC from one domain to another without a rebuild (and therefore losing SAM DB)

    Are there any tricks / utilities to obtain a "safe copy" of our live domain in a test area ??????

    Andrew Whitton.

  • #2
    Re: Obtaining a "safe" test copy of the SAM DB

    This is a good question, but one that I unfortunately don't know the answer to. If you are only interested in user and group accounts, and don't care about the existing password and SID, you can use Hyena's Copy User To... and Copy Group To... functions. These will create NEW users and groups, so the SIDs (and all security) will be different, and the passwords will either be blank or whatever you set them to.
    Kevin Stanush
    SystemTools Software Inc.


    • #3
      Re: Obtaining a "safe" test copy of the SAM DB

      Thanks for the reply. I found another way which will suit needs. NT ResKit utility Addusers will create a text file containing users, global and local groups.

      You can then modify it slightly as required, take it to domain B and run to populate it with the users and groups.