|
|
|||||||
hallo We are migrating to win2003 in a few weeks. We are going to rename user accounts from 3 letters to firstname.lastname Problems during migration using ADMT, not migrating Built in group "Domain users & Domain Admins". Also during Security translation, the groups are not updated. The rights on the users home shares are as follows: Share: Domain Users = Full Control Ntfs: User = full control , Domain Admin = Full control Do anyone have an Idea how to add "domain admins & and Domain users both to the share ande NTFS rights to the user home share Have tried simple cmd files: Code: for /f %%x in (n:\users.txt) do rmtshare \\FileSrv\%%x$=d:\users\%%x /grant "New_Domain\Domain Users":"full control" >>n:\share.log Domt know how to match old username with new username format Any Ideas \regards Erik |
||||||||
|
|
|||||||
k, there is no way that this would be even legal. it's user's homeshare. nobody else than the user should have access to the files via the share. |
||||||||
|
|
|||||||
Check the rights again. The User (@userID) + Domain admins has "full control" on NTFS rights I think this i legal \erik |
||||||||
|
|
|||||||
filesystem rights are different than the ones in shares. please don't mix them. Quote: this is what I mean. no file or folder, you talk about share. neither of these groups belong to the user's share. |
||||||||
|
|
|||||||
The user home shares looks like this: Folder is shared "Old_domian\@username$" Share permission = old_domain\Domain Users = Full Control Folder/File permission = old_domain\Domain Admins = Full Control + The User (old_domain\@userID) = Full Control. I have to mix them, I have made the Share open for Domain Users = (everyone)´, then limit the rights on files and folders. Dont know if this is the correct way !! As i described I want to change both the share rights and the file and folders permissions. on all the users shares. The tool for migration from microsoft dont update the rights on build in groups. Ex the old rights "old_domain\domain admins" should be changed or add to "new_domain\domain admins" Hope you understand what I mean ?? \erik |
||||||||
|
|
|||||||
ok... now we talking. MS tools are indeed bad. think hoby has the tools you need. and he has a way good document on migration too. dunno if on subject though http://mywebpages.comcast.net/habullock/Cost_Eff_Domain_Migration.htm for more, check at: http://home.comcast.net/~habullock/kix_solutions.htm btw, there is reskit tool called rmtshare (remoteshare) with which you can control shares. to remotely retrieve current share perms see my udf at: http://www.kixtart.org/ubbthreads/showflat.php?Cat=&Number=82946&page=24&view=collapsed&sb=3&o=all&fpart=1 |
||||||||
|
|
|||||||
A small side step. Perhaps its simplier to recreate all users folders using batch, setting the correct share and folders permsissions using nt recource kit programs, XCACLS.EXE and rmtshare.exe. Code: for /f %%x in (d:\new_users.txt) do md %%x >>d:\log.txt This batch code is fast and works But one problem still exist. Ex user: adam bertil old share "abt$" new share "adam.bertil$" How to copy from the old share to the new. I have tried Code: for /f %%n in (n:\old_users.txt) do xcopy \\filesrv\%%n$\*.* Filesrv\%%x$\ /S /E /D but theres no referense between old and new username. also tried readline but my I am unable to figure out how to extract $old and $new. Tried left and right but old usernames are not precis. Seems like some kind of array is the solution, but I don know how to. My ex: Users.txt abt,adam.bertil How to split and get $a and $b, then make the copy \erik |
||||||||
|
|
|||||||
no reference between old and new? if there is no way to decide, you can't do it manually either. |
||||||||
|
|
|||||||
some kind of referance exist, but not during batch command. I have a txt file, with the old username and the new ones , with the following format: abt,adam.bertil dfp,david.filip egv,erik.gustav Can I get the value "abt" to be ex a$ then make adam.bertil to be b$ Then make the copy Code: copy 'a$' 'b$' ??? \erik |
||||||||
|
|
|||||||
not sure why you want that. retrieve the original name from the sharename or somewhere, read from the textfile the matching new and make the share with that. the files you can move with robocopy to ensure correct moval. |
||||||||
|
|
|||||||
ROBOCOPY should do the trick.. Use the /SEC Switch.. http://www.ss64.com/nt/robocopy.html Kent |
||||||||
|
|
|||||||
maybe Im a bit unclear please read the following. I would like to copy from 1 file to another. Today the folder names is in 3 letters format After migration they will be in format firstname.lastname Source folder name is called "abl" Target folder name is called "adam.bertil" I have a text file with all usernames in format: abl,adam.bertil Theres is about 350 user folders Is it possible to copy from source to target folder using this text file or is the format incorrect ? If it is incorrect how should the format be ? Im afraid I cant explain more specific. regards \erik |
||||||||
|
|
|||||||
sure, understood perfectly. but you don't want to copy file per file. so, you need robocopy. just take and read that text-file and do for each: for each $line in $file $line=split($line,"separator") shell "robocopy /mir "+$OLDservershare+"\"+$line[0]+" "+$newservershare+"\"+$line[1] next so, what is that I don't understand? |
||||||||
|
|
|||||||
Maybe I'm not getting it, but why not just rename the folder, then reapply the NTFS security via appropriate security tools (they are discussed elsewhere on this BBS, search for 'CACLS'), then set the share permissions to the user. If the folders need to eb migrated to another computer/partition (not mentioned in thread), then ROBOCOPY (preferably the W2K3 version) will be the tool of choice. |
||||||||
|
|
|||||||
If there's only 350 folders...Why dont you just start Right-clicking and renaming. You probably could have had it done already. |