 |
|
UMove Help | |
Cart |
|
|
| ||||||
|
|
 |
Results of Moving Active DirectoryUMove will load Active Directory into the destination computer. It will copy the files from the staging folder into the operating system.Simple RestoreIf you are doing a simple restore, UMove will load the Active Directory files (NTDS.DIT and EDB*.LOG) and the System Volume (SYSVOL). It will not load any other files. Comprehensive RestoreIf you are doing a comprehensive restore, UMove will load the following additional information from the staging folder into the operating system: Computer NameUMove will set the computer name and domain name to match the name of the source computer. Network SettingsUMove will set the network settings to match the source computer's network interface card (NIC). This includes the following:
To view the NIC network settings: Click on Start -> Control Panel -> Network Connections. Select the NIC and right-click on Properties. In the pop-up dialog scroll down and select Internet Protocol (TCP/IP) and click the button Properties. DNS Server DatabaseUMove will move the DNS server database to the destination computer. This includes all DNS zones and all RR records. If the computer has a previous DNS database it will be replaced. DHCP Database, WINS Database, Certifcate Server DatabaseIf requested UMove will move certain databases that are closely connected with Active Directory. These databases include the DHCP database, the WINS database, the Certificate Services database, and other databases. User Accounts and PasswordsUMove will replace all local user accounts and passwords on the destination computer. They will be replaced by the domain user accounts and passwords in Active Directory. The destination computer's local (SAM) user account database will be replaced. It will be replaced by a stub that contains only one local account. The account is used to access the computer when Active Directory is not running. This is called Directory Services Restore Mode (DSRM). The password for the DSRM Administrator account will be set to the value you specified during the interview. These steps are exactly the same as those executed by the DCPROMO utility when promoting a domain controller. Cryptographic KeysUMove will replace the computer's cryptographic keys with the keys
from the source computer.
This includes the master keys for the
Encrypting File System (EFS) and
Protected Storage. (Protected Storage stores passwords for
File and Registry SecurityThe files in the operating system folders “\WINDOWS”, “\Program Files”, and “\Documents and Settings” will be changed to permit access by the domain administrators. The Access Control List (ACL) of each folder will be updated to allow access by the domain administrators. In a similar fashion the ACLs of registry keys will be updated to allow access by the domain administrators. These steps are exactly the same as those executed by the DCPROMO utility when promoting a domain controller. Permissions for Shared FoldersUMove will copy the user and group permissions for shared folders from the source computer. Security Identifier (SID) PrefixUMove will copy the Security Identifier (SID) prefix from the source computer. The SID prefix is used to uniquely identify the computer on the network for security purposes. When reloading AD onto the same computer the SID prefix is left unchanged. UMove will adjust the permission settings on the destination computer for Windows Firewall (if necessary) to allow access to Active Directory from your member computers. (Windows Firewall is new on Window Server 2003.) Advanced: You can tighten security by telling UMove to limit AD access to computers on the local subnet. See Advanced Options: Windows Firewall. |
|
|
|
|
