Simple answer; use the right tools for the job. Norton ghost, Power Quest
Image drive are a few tools that are designed to do exactly this.
Willy.
<an****@aleborg.se> wrote in message
news:AA**********************************@microsof t.com...
| Hi!
|
| This is how I am thinking, the accounts I'm creating is for anonymous
access
| to websites and ftp accounts, these type of accounts I try to exclude from
| the domain and create them on each server instead, one of the reasons is
that
| it's so many accounts(we're talking thousands of accounts).
| The reason I wan't to recreate the account along with the SID is IF we for
| some reason wan't to move all users to another server, we can just take
the
| harddrive with the files for the website and move it, recreate all users
and
| all permissions on files and folders will continue to work. Permissions
are
| tied to SID, not to the accounts name.
|
| The other way to do this is to save all permissions in a database (we save
| username and passwords for all accounts in a database already, that's why
we
| easy can restore the users), the problem is that this way of doing it is
time
| consuming, we need to loop all users that has permissions on a file and if
it
| matches the current username save it to a DB or XML file (we havn't found
out
| a way to get the permissions without looping).
|
|
| Regards
| Anders Aleborg
| Aleborg Solutions
|
|
| "Nicholas Paldino [.NET/C# MVP]" wrote:
|
| > Anders,
| >
| > I would think that if you create the user on the domain, then the
user
| > will be recognized across the domain.
| >
| > Also, having the same SID for a user in two different domains
doesn't
| > get you anything.
| >
| > Hope this helps.
| >
| > --
| > - Nicholas Paldino [.NET/C# MVP]
| > -
mv*@spam.guard.caspershouse.com
| >
| > <an****@aleborg.se> wrote in message
| > news:1A**********************************@microsof t.com...
| > > Hi!
| > >
| > > To create a new Windows account I use this code:
| > >
| > > const int UF_PASSWD_CANT_CHANGE = 0x0040;
| > > const int UF_DONT_EXPIRE_PASSWD = 0x10000;
| > > DirectoryEntry obDirEntry = new DirectoryEntry("WinNT://" + domain);
| > > DirectoryEntries entries = obDirEntry.Children;
| > > DirectoryEntry obUser = entries.Add(username, "User");
| > > obUser.Properties["FullName"].Add(name);
| > > obUser.Properties["UserFlags"].Add(UF_PASSWD_CANT_CHANGE |
| > > UF_DONT_EXPIRE_PASSWD);
| > > if(homedir.Length>0)
| > > obUser.Properties["HomeDirectory"].Add(homedir);
| > > object obRet = obUser.Invoke("SetPassword", password);
| > > obUser.CommitChanges();
| > >
| > > My question is, is it possible to create a new windows account with a
| > > certain SID?
| > > In the case I wan't to replicate a user on another server.
| > >
| > > Regards
| > > Anders Aleborg
| > > Aleborg Solutions
| >
| >
| >