01-01-2009, 09:23 AM
Configuring Domains for SID Migration in Windows Server 2008
Migrating the source Security Identifiers (SIDs) into the target domain's SID History allows the security assigned in Access Control Lists (ACLs) to work transparently after the migration. This gives the administrator time to reset ACLs gradually, or even after all objects are migrated.
Several settings need to be configured to allow the SIDs to be transferred. These settings include creating a local group in the source domain for auditing, enabling TCP/IP client support on the source PDC emulator, and, finally, enabling auditing on both the source and target domains.
To create the local group on the source domain for auditing, follow the steps below:
1. Log on to a domain controller on the source domain.
2. Launch Active Directory Users and Computers.
3. Create a domain local group named SourceDomain$$$, where SourceDomain is the NetBIOS name of the source domain. For example, the local group for the companyabc.com domain would be companyabc$$$.
Do not add any members to the group, or the migration process will fail.
To enable TCP/IP client support, follow the steps below:
1. Log on to the PDC (Primary Domain Controller) emulator domain controller in the source domain.
2. Launch the Registry Editor. (Click Start, select Run, and then type regedit.)
3. Navigate to \HKEY\LocalMachine\System\CurrentControlSet\Control\LSA.
4. Create the value TcpipClientSupport REG_DWORD and assign it a value of 1.
5. Exit the Registry Editor.
To enable auditing in Windows Server 2008 domains, follow these steps:
1. Click on Start and then Control Panel and then Administrative Tools and then Default Domain Controller Security Settings.
2. Expand the Local Policies.
3. Select the Audit Policy node.
4. Double-click on the Audit Account Management policy.
5. Check Define These Policy Settings and select both Success and Failure.
6. Click OK to save the changes.
7. Exit the Group Policy Object Editor.
Now the source and target domains will be prepared to transfer SIDs into the SID History.
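
The three prerequisites above can be confirmed with a read-only check before starting the migration. This is an added example, not part of the original post. It assumes PowerShell 2.0 or later, an elevated session on the source PDC emulator, and English-language `auditpol` output; the function names and the `companyabc` default are illustrative.

```powershell
# Added example (not from the original post): read-only verification of the
# SID-migration prerequisites. Nothing here changes the system.
param([string]$SourceNetBIOS = 'companyabc')   # sample value taken from the post's example

function Test-AuditGroup {
    param([string]$NetBIOS)
    $name = $NetBIOS + '$$$'                   # single quotes: $$ is a PowerShell automatic variable
    $searcher = New-Object System.DirectoryServices.DirectorySearcher
    $searcher.Filter = "(&(objectCategory=group)(sAMAccountName=$name))"
    [void]$searcher.PropertiesToLoad.Add('groupType')
    [void]$searcher.PropertiesToLoad.Add('member')
    $hit = $searcher.FindOne()
    if (-not $hit) { return "MISSING: group $name not found" }
    $type = [int]$hit.Properties['grouptype'][0]
    # 0x4 is the domain-local scope bit of the groupType attribute
    if (($type -band 0x4) -eq 0) { return "WRONG SCOPE: $name is not domain local" }
    # The post warns that any member in this group makes the migration fail
    if ($hit.Properties.Contains('member') -and $hit.Properties['member'].Count -gt 0) {
        return "NOT EMPTY: $name has members"
    }
    return "OK: $name exists, is domain local, and has no members"
}

function Test-TcpipClientSupport {
    $key = 'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa'
    $item = Get-ItemProperty -Path $key -Name TcpipClientSupport -ErrorAction SilentlyContinue
    if ($item -and $item.TcpipClientSupport -eq 1) { return 'OK: TcpipClientSupport = 1' }
    return 'NOT SET: TcpipClientSupport is missing or not 1'
}

function Test-AccountManagementAudit {
    # /r emits CSV; drop blank lines before parsing
    $rows = @(auditpol /get /category:"Account Management" /r |
              Where-Object { $_ } | ConvertFrom-Csv)
    if ($rows.Count -eq 0) { return 'UNKNOWN: auditpol returned nothing (is the session elevated?)' }
    $bad = @($rows | Where-Object { $_.'Inclusion Setting' -ne 'Success and Failure' })
    if ($bad.Count -gt 0) {
        return 'INCOMPLETE: ' + (($bad | ForEach-Object { $_.Subcategory }) -join ', ')
    }
    return 'OK: Account Management audits Success and Failure'
}

Test-AuditGroup -NetBIOS $SourceNetBIOS
Test-TcpipClientSupport
Test-AccountManagementAudit
```

The audit check applies to both domains, so run `Test-AccountManagementAudit` on a target domain controller as well.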