To answer both questions: Yes, sidHistory is supposed to be "temporary" but for some that's the lifetime of the product. It's all temporary in the scheme of things right?
As for can you hold more than one sid in the sidHistory attribute, yes you can. "Additional sIDHistory Information The sIDHistory is a multivalued attribute of security principals in the Active Directory that may hold up to 850 values" (I believe it's gone up hasn't it?) http://support.microsoft.com/default.aspx?scid=kb;en-us;322970&Product=winsv r2003 Next logical question to ask: Is it a good idea? I don't think so. Makes troubleshooting a nightmare to say the least. Al -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of David Cliffe Sent: Friday, March 18, 2005 2:15 PM To: [email protected] Subject: RE: [ActiveDir] User Migration...twice Raymond, I apologize in advance for... a) not answering your question b) selfishly replying with another question for my own benefit Along these lines, is the premise behind sidHistory that it should be somewhat temporary in nature? Shouldn't the organization go back and redo all ACLs (if possible!) and then clean out sidHistory afterwards? Or have I got the concept all wrong and the notion of fixing up so many ACLs absurd? Thanks! -DaveC Reuters CIO Infrastructure ________________________________ From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of [EMAIL PROTECTED] Sent: Friday, March 18, 2005 1:59 PM To: [email protected] Subject: [ActiveDir] User Migration...twice Has anyone successfully migrated user accounts twice, while maintaining SID history both times? We had a group of users migrated from an NT domain to a W2K domain (with SID history, Quest Migrator). We now need to migrate them again from the (now) W2K3 domain to another W2K3 domain. Can we keep both SIDs as SID History? Thanks, rb ----------------------------------------------------------------- Visit our Internet site at http://www.reuters.com To find out more about Reuters Products and Services visit http://www.reuters.com/productinfo Any views expressed in this message are those of the individual sender, except where the sender specifically states them to be the views of Reuters Ltd. List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
