Dave, thanks for the sanity check ! That was my understanding.
Would be VERY interested in knowing how this works - as we know and Roger has alluded to this - NT4 is not "directory aware" and cant get this attribute of the user account from a query of the directory ?? i would guess one of the undocumented features of a "native mode" domain as a slight aside this has always been one of the greatest mysteries of AD to me - how such a significant change (ie no rollback) has so little documentation - we know things like no replication to BDC's, universal groups and the like but there MUST be more to it than that ??!! GT ----- Original Message ----- From: "Thornley, Dave H" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Wednesday, December 04, 2002 9:07 AM Subject: RE: [ActiveDir] OT: Migration tools and AD > As I understand it SIDHistory entries are added to the access token in the same way that group membership SIDs are, client version isn't an > issue. > > dave > > -----Original Message----- > From: Roger Seielstad [mailto:[EMAIL PROTECTED]] > Sent: 03 December 2002 12:54 > To: '[EMAIL PROTECTED]' > Subject: RE: [ActiveDir] OT: Migration tools and AD > > > I don't follow your question - NT4 has no concept of SID history in the access tokens, unless I presume the ADClient has been installed. NT4 > tokens don't handle multiple user SIDs. > > Roger > ------------------------------------------------------ > Roger D. Seielstad - MCSE > Sr. Systems Administrator > Inovis - Formerly Harbinger and Extricity > Atlanta, GA > > > > -----Original Message----- > > From: Graham Turner [mailto:[EMAIL PROTECTED]] > > Sent: Tuesday, December 03, 2002 7:43 AM > > To: [EMAIL PROTECTED] > > Subject: Re: [ActiveDir] OT: Migration tools and AD > > > > > > but interestingly enough the NT 4 workstation is obviously > > SIDHISTORY aware > > in its construction of the access token ??? > > > > any takers yet on how DMW actually works ?? - i guess it must > > undergo an > > exercise of duplication of all of the references of the > > source user domain > > with an identical reference to the target domain ??? > > > > > > ----- Original Message ----- > > From: "Roger Seielstad" <[EMAIL PROTECTED]> > > To: <[EMAIL PROTECTED]> > > Sent: Tuesday, December 03, 2002 12:40 PM > > Subject: RE: [ActiveDir] OT: Migration tools and AD > > > > > > > While you're technically correct, native mode still makes a > > difference. > > > > > > Downlevel (i.e. NT4) domain controllers don't understand > > SID history - one > > > account, one SID. Therefore, it is more correct to say that > > while the > > > migration tool doesn't care, the SID history functionality > > won't work > > > correctly without being in native mode. > > > > > > Roger > > > ------------------------------------------------------ > > > Roger D. Seielstad - MCSE > > > Sr. Systems Administrator > > > Inovis - Formerly Harbinger and Extricity > > > Atlanta, GA > > > > > > > > > > -----Original Message----- > > > > From: Weston Rogers [mailto:[EMAIL PROTECTED]] > > > > Sent: Tuesday, November 26, 2002 4:58 PM > > > > To: [EMAIL PROTECTED] > > > > Subject: RE: [ActiveDir] OT: Migration tools and AD > > > > > > > > > > > > Not true, although I don't know what the requirements of the Quest > > > > software are, I know DMW doesn't care about modes. > > > > > > > > -- > > > > Weston Rogers > > > > [EMAIL PROTECTED] > > > > 800.849.5147 x255 > > > > > > > > -----Original Message----- > > > > From: Graham Turner [mailto:[EMAIL PROTECTED]] > > > > Sent: Tuesday, November 26, 2002 4:50 PM > > > > To: [EMAIL PROTECTED] > > > > Subject: Re: [ActiveDir] OT: Migration tools and AD > > > > > > > > > > > > is the target domain in native mode ?? > > > > > > > > understood to be mandatory for the sidhistory attribute > > > > > > > > GT > > > > ----- Original Message ----- > > > > From: Pelle, Joe > > > > To: [EMAIL PROTECTED] > > > > Sent: Tuesday, November 26, 2002 9:15 PM > > > > Subject: [ActiveDir] OT: Migration tools and AD > > > > > > > > > > > > Hello there! > > > > I'd like to know if anyone has had any experience using Quest > > > > migration tools? If so, I am having some specific issues > > > > migrating > > > > SIDHistory: I > > > > am unable to move the SID history from my NT domain to my new AD > > > > structure. I am successful migrating the user(s) but unable to > > > > get the SID to come with them! > > > > Quest suggests that I have SP2 installed for 128bit > > encryption when > > > > migrating SIDHistory from client to server. I have SP3 already... > > > > Any suggestions?! Thanks! > > > > Joe Pelle > > > > Systems Administrator > > > > Information Technology > > > > Valassis / Targeted Print & Media Solutions > > > > 35955 Schoolcraft Rd. Livonia, MI 48150 > > > > Tel 734.632.3753 Fax 734.632.6240 > > > > [EMAIL PROTECTED] > > > > http://www.valassis.com/ > > > > This message may have included proprietary or protected > > information. > > > > This message and the information contained herein are not to be > > > > further communicated without my express written consent. > > > > List info : http://www.activedir.org/mail_list.htm > > > > List FAQ : http://www.activedir.org/list_faq.htm > > > > List archive: > > > > http://www.mail-archive.com/activedir%> 40mail.activedir.org/ > > > > > > > List info : http://www.activedir.org/mail_list.htm > > > List FAQ : http://www.activedir.org/list_faq.htm > > > List archive: > > http://www.mail-archive.com/activedir%> 40mail.activedir.org/ > > > > > > List info : > > http://www.activedir.org/mail_list.htm > > List FAQ : http://www.activedir.org/list_faq.htm > > List archive: > > http://www.mail-archive.com/activedir%> 40mail.activedir.org/ > > > List info : http://www.activedir.org/mail_list.htm > List FAQ : http://www.activedir.org/list_faq.htm > List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ > List info : http://www.activedir.org/mail_list.htm > List FAQ : http://www.activedir.org/list_faq.htm > List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
