General discussion

Locked

Disaster recovery...

By mdbrewer ·
I'm currently working on a server that suffered a pretty severe crash. The drive had to be formatted. Lucky for me, the hd was partitioned into c:/d:. C: being the operating system/apps and d: being the app data and users home drive. The server operating system is Nt4 server. After the fresh install on c:, none of the users could get at their data on the d:\home partition.(each user has their own folder which gets created when the user account is created for the first time).I suspect this is because each user account has its own key identifier and when deleted, it is lost forever. I need to figure out a way around this and retrieve the data for each user. Can the user rights be inherited to the new user accounts? Any suggestions would be appreciated.

This conversation is currently closed to new comments.

7 total posts (Page 1 of 1)  
| Thread display: Collapse - | Expand +

All Comments

Collapse -

Disaster recovery...

by mdbrewer In reply to Disaster recovery...

Point value changed by question poster.

Collapse -

Disaster recovery...

by Peter Johnstone In reply to Disaster recovery...

Hi,
If you haven?t got too many users then you could just reset the permissions manually. Use Log onto the Server as Administrator, use ?Explorer?, take ownership of the folder, dump the origional permissions and reassign to the "new" user. There is bound to be a shorter way of doing it with a batch file. Unfortunately I?m not that clever! If you need to redo lots of users I suspect someone else will soon let you know of a better way. I will be looking out for answers as well!

Regards,
PJ

Collapse -

Disaster recovery...

by mdbrewer In reply to Disaster recovery...

Poster rated this answer

Collapse -

Disaster recovery...

by Joseph Moore In reply to Disaster recovery...

Was this server your PDC? Are you running in Domain mode, or Workgroup mode? To me, it sounds like you are running a Domain, and this WAS your PDC that died.
Yes, each user has a Security IDentifier (SID) that is unique per domain. For example, in domain MOORE, user JOE has a SID that looks similar to {79AC54CC-A510-11D2-BAB6-00C04FB68A60}.
Now, if you delete user JOE, then, 20 minutes later, create user JOE again, the SID will be different, eventhough the user name is the same. Each SID goesthrough a bunch of math calculations that ensures the SID is always different.
So, if you had NTFS permissions set on folders, you, in reality, modify the ACL on the folders to allow only certain SIDs from having access.
When your PDC crashed and you had to reinstall, the SID table was deleted.
So, those folders you were able to restore have one set of SIDs, but your domain now has a different set of SIDs.
BTW, when your users log into their workstations, are they having any problems connecting to the domain controller? Is there some error box popping up saying the domain controller can't be contacted, and that their cached profile will be used?

Just wondering.

Collapse -

Disaster recovery...

by Joseph Moore In reply to Disaster recovery...

Oh, one more thing: XCACLS.EXE, from the NT Resource Kit, is the tool that will let you script adding permissions.

Collapse -

Disaster recovery...

by mdbrewer In reply to Disaster recovery...

Poster rated this answer

Collapse -

Disaster recovery...

by mdbrewer In reply to Disaster recovery...

This question was closed by the author

Back to Windows Forum
7 total posts (Page 1 of 1)  

Related Discussions

Related Forums