Yes. Domain operations won't work (services with named accounts from the domain won't start, etc.), but the ACLs will still be there, and will start working again once rejoined to the domain.
So, I'd suggest setting services that rely on domain accounts to manual before disjoining from the domain, and setting them back to automatic when rejoining, but that's all. Kurt On Wed, Jul 21, 2010 at 13:59, Michael B. Smith <[email protected]> wrote: > What? > > If you mean that once rejoined to the domain, will those permissions still be > there - the answer is yes. > > But do they take affect when you aren't joined to the domain? No. Without > being a member of the domain (or having a trust to the domain), you can't get > a Kerberos ticket. > > Regards, > > Michael B. Smith > Consultant and Exchange MVP > http://TheEssentialExchange.com > > > -----Original Message----- > From: Phil Brutsche [mailto:[email protected]] > Sent: Wednesday, July 21, 2010 3:28 PM > To: NT System Admin Issues > Subject: Re: Removing missing DC metadata > > IME no. > > NTFS permissions will survive just fine, service permissions should survive > as well. > > On 7/21/2010 1:41 PM, Erik Goldoff wrote: >> But if a file server and removed from the domain, aren't >> domain-specific permissions lost when removed from the domain ? > > -- > > Phil Brutsche > [email protected] > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ > <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
