Professional Web Hosting, Perl Scripting And Developing Blog

Part 3: Windows Server 2003 Upgrades and Migrations Microsoft Windows Server 2003 Inside Out To prepare the destination domain for password migration, complete the following steps: 1 Modify the Default Domain Policy to enable the Everyone permissions for anonymous users. To access the policy, start Active Directory Users and Computers. Right-click the domain you want to work with, and select Properties. In the Group Policy tab of the Properties dialog box, select the domain policy, and click Edit. This displays the Group Policy Object Editor. In the Group Policy Object Editor, select Computer Configuration, Windows Settings, Security Settings, Local Policies, Security Options, and then double-click Network Access: Let Everyone Permissions Apply To Anonymous Users. In the policy dialog box, select Define This Policy Setting, choose Enabled, and then click OK. 2 On the target domain controller, locate the Pre Windows 2000 Compatible Access group in the Builtin container, add Everyone to it, and reboot the domain controller. Chapter 9 Tip If the destination (target) domain is a Windows NT 4 domain, the Password Export Server must have 128-bit high encryption pack support installed (which is included by default in Windows 2000 Server and Windows Server 2003 products). 3 Create the ADMT encryption key disk by changing to the drive and folder where ADMT is installed and running ADMT with the Key parameter from the command- line. Use the following syntax: ADMT key
where is the NetBIOS name of the source domain from which the migration information will be collected is the drive letter to which to write the password file
is the password for the file (if you use * [asterisk], the system will prompt for the password) Once you have performed the preceding steps to prepare the target domain, you next must prepare the source domain for password migration as follows: 1 Use the Password Migration tool (Pwdmig.exe in the I386ADMTPwdmig directory on the Windows Server 2003 distribution CD), and insert the floppy disk with the encryption key created on the target domain when prompted. 2 Then set up a BDC as a Password Export Server that will be used during the migration process (the BDC must also have the 128-bit high encryption pack and be running Service Pack 5 or later). To do this, modify the registry on the BDC at HKLMSYSTEMCurrentControlSetControlLsa, set the AllowPasswordExport value to 1, and then reboot the BDC. Once this preparation has been done, you can specify the Password Export Server during user account migration to have the user passwords migrated at the same time. 272
We recommend you use shared web hosting services, because many users agree that it is cheap, reliable and customer-satisfying webhost.

This entry was posted on Monday, August 27th, 2007 at 5:14 pm and is filed under PHP5. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.