[prev in list] [next in list] [prev in thread] [next in thread] 

List:       ntsecurity
Subject:    FW: [NTSEC] Domain Controllers
From:       "Espinola, Micheal" <MEspinola () Rational ! Com>
Date:       1998-01-30 10:33:05
[Download RAW message or body]


TO UNSUBSCRIBE: email "unsubscribe ntsecurity" to majordomo@iss.net
Contact ntsecurity-owner@iss.net for help with any problems!
---------------------------------------------------------------------------

This is exactly what I am referring to.  I apologize for it being
unclear in previous posts.  

The account and file permissions are not a problem.  The domains would
already have a trust relation ship and the accounts would have no effect
in my scenario, although I do appreciate your reminder of ACE related
problems.  My only concern is where to get the SID.  This is where I
claim technical stupidity.  I am very unfamiliar with SID's and where
they reside, although I do understand the concept and use of them.

Thank you for your informative response.  I really appreciate it!

-Micheal

------------------------------------------------------------------------
--------
Micheal Espinola Jr
NT Network Administrator

RATIONAL SOFTWARE CORPORATION
One Burlington Woods
Burlington, MA 01803

email : 	mespinola@rational.com	(business)
email : 	micheale@ix.netcom.com	(private)
www : 	http://www.rational.com

-----Original Message-----
From:	Paul Ashton [SMTP:paul@argo.demon.co.uk]
Sent:	Friday, January 30, 1998 10:12 AM
To:	Espinola, Micheal
Subject:	RE: [NTSEC] Domain Controllers

If you want to just move a BDC in A to B without taking any users,
just applications, then you would just have to change it's domain
SID to that of B and create a new trust account between A's PDC
and your BDC. You would also have to deal with all the files owned
by SIDs in A, such as changing all the ACEs to be those of a
particular account in B.

All the SID changing could be done by using the freeware SID
changer on www.ntinternals.com after you've modified the
source to do exactly what you want.

Paul

[prev in list] [next in list] [prev in thread] [next in thread]