کد:
http://utools.com/help/LoadingConsequences.asp
Results of Moving Active Directory
UMove will load Active Directory into the destination computer. It will copy the files from the
staging folder into the operating system.
Simple Restore
If you are doing a
simple restore, UMove will load the Active Directory files (NTDS.DIT and EDB*.LOG) and the System Volume (SYSVOL). It will not load any other files.
Comprehensive Restore
If you are doing a
comprehensive restore, UMove will load the following additional information from the staging folder into the operating system:
Computer Name
UMove will set the computer name and domain name to match the name of the source computer.
Network Settings
UMove will set the network settings to match the source computer's network interface controller (NIC). This includes the following:
- Internet address (example: 192.168.0.1).
- Network mask (example: 255.255.255.0).
- Client DNS address. This is the address that the computer will contact to send DNS queries.
- Client settings for dynamic DNS registration.
- Client WINS address (if applicable). This is the address that the computer will contact to send WINS queries. (WINS is the legacy network naming system from Windows NT.)
- Client settings for DHCP.
- IPV6 settings (if installed).
To view the NIC network settings: Click on Start -> Control Panel -> Network Connections. Select the NIC and right-click on Properties. In the pop-up dialog scroll down and select
Internet Protocol (TCP/IP) and click the button Properties.
DNS Server Database
UMove will move the
DNS server database to the destination computer. This includes all DNS zones and all RR records. If the computer has a previous DNS database it will be replaced.
DHCP Database, WINS Database, Certificate Server Database
If requested UMove will move certain databases that are closely connected with Active Directory. These databases include the
DHCP database, the
WINS database, the
Certificate Services database, and
other databases.
User Accounts and Passwords
UMove will replace all local user accounts and passwords on the destination computer. They will be replaced by the domain user accounts and passwords in Active Directory.
The destination computer's local (SAM) user account database will be replaced. It will be replaced by a stub that contains only one local account. The account is used to access the computer when Active Directory is not running. This is called Directory Services Restore Mode (
DSRM). The password for the DSRM Administrator account will be set to the value you specified during the interview.
These steps are exactly the same as those executed by the
DCPROMO utility when promoting a domain controller.
Cryptographic Keys
UMove will replace the computer's cryptographic keys with the keys from the source computer. This includes the master keys for the
Encrypting File System (EFS) and Protected Storage. (Protected Storage stores passwords for e-mail, web, and dial-up access.)
File and Registry Security
The files in the operating system folders “\WINDOWS”, “\Program Files”, and “\Documents and Settings” will be changed to permit access by the domain administrators. The Access Control List (ACL) of each folder will be updated to allow access by the domain administrators.
In a similar fashion the ACLs of registry keys will be updated to allow access by the domain administrators.
These steps are exactly the same as those executed by the
DCPROMO utility when promoting a domain controller.
Permissions for Shared Folders
UMove will copy the user and group permissions for shared folders from the source computer.
Security Identifier (SID) Prefix
UMove will copy the Security Identifier (SID) prefix from the source computer. The SID prefix is used to uniquely identify the computer on the network for security purposes.
When reloading AD onto the
same computer the SID prefix is left unchanged.
UMove will adjust the permission settings on the destination computer for Windows Firewall (if necessary) to allow access to Active Directory from your member computers.
Advanced: You can tighten security by telling UMove to limit AD access to computers on the local subnet. See
Advanced Options: Windows Firewall.
Windows Server 2008: UMove will copy the Windows Firewall settings from the source computer.