Three months ago, our company recieved a contract from a goverment agency
which requires that we do strenious SPC testing. The SPC software that we
currently employ is a very old version that we have now identified as the
cause of the frequent system lockups and crashes that we have been
experiencing lately on the network.

The problem that I have is that I cannot discontinue the SPC software
because it is needed to produce the required parts on the government
contract. We have decided to setup a test server and small network to see if
1) the new SPC software that we going to purchase causes a similiar problem
and 2) to test the latest copy of SP1 for Windows Server 2003. I would like
to copy all the user information/permissions from the active system (without
moving them) to the test server.

What would be the proper method? There are only some 30-40 users total, but
I would rather not reset everything manually including rights and
permissions. Any detailed help would be greatly appreciated.

Thanks!

I've done this before by one of the two following techniques:

- NTBackup (with System State) or otherwise of a DC with GC enabled and
restore onto the test kit (cleaning up metadata & ad afterwards on the test
kit). This gave a clone of the DC in question and thus all of AD. This method
would also clone SIDs/UIDs stored in AD which relate directly to permissions.

- LDIFDE to export ou structure/users/groups (basically most of the
domain/forest in question) then create a new domain with the same DNS name on
the test kit and LDIFDE to import the info into the new AD.

Bear in mind that file system permissions (unlike NDS etc) are not stored in
AD so the LDIFDE wouldnt copy them over. Also, if you have multiple servers
in the live environment you would need to copy the perms off all servers. If
you use the LDIFDE method, the SIDs would be different for users/machines so
you would need to match the perms manually (or with the use of scripts/third
party product/or maybe robocopy).


Cheers, Simmo

"Larry Kuderick" wrote: