Announcement

Collapse
No announcement yet.

Copying Local Group from one Server to another

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Copying Local Group from one Server to another

    We are using local group nested with domain group for setting NTFS permission. While copying the Local group from Server A to Server B, the Permission is shown as Account Unknown in the ACE. Would appreciate your help, if there is any way to copy the group name using the SID. For more information, you can look at http://support.microsoft.com/default...b;en-us;250267

    Thanks a lot

  • #2
    Re: Copying Local Group from one Server to another

    Did you try the copy with the box checked to Copy Group Members by SID instead of by name?

    Comment


    • #3
      Re: Copying Local Group from one Server to another

      Yes. I have tried using it. However, it does not work. I have a feeling that it used to work in the older versions of Hyena. I have recently upgraded Hyena to 5 and now to 5.5.

      Comment


      • #4
        Re: Copying Local Group from one Server to another

        I don't think that we are on the right track here. The Copy Group function creates a new group on the target server and optionally copies the members from the source group to the new group. Optionally, the group members can be copied by SID or name.

        New groups or users will always have a unique SID based on the machine that they are created on. There isn't any way to 'clone' a group and make it identical, as the internal SID of the groups will always be based on the SID of the computer that holds them.

        Hyena's Copy Group function only copies the group and its members, thereby creating a new group (with a different SID than the original). The Copy Group function has no bearing on any existing NTFS, share, or other permissions that are assigned to objects on the server. Those objects will reference the old group, and therefore will not know of the new group's ID (SID).

        The Microsoft article described Microsoft's clunky way to essentially doing a find-replace with the ACLs on a copied group. A 3rd party solution like SecureCopy from www.smallwonders.com is another method, or create your own using either Microsoft's technique.

        Hyena's option to copy group members by SID will always work if the group contains either global domain elements, or well-known members (like Account Operators, etc.) as these SIDs are constant. If the members of the group are local users, then the SID option should NOT be used, as the local user accounts will always be different from one server to the next.
        Kevin Stanush
        SystemTools Software Inc.

        Comment

        Working...
        X