[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Partitioning XP
Tim McDonough <email@example.com> wrote:
> I've seen this caution several times in the past. Does this
> refer to a physical disk being moved to another machine
> with files on it
Yes. It is dangerous to write to a NTFS filesystem and
modify SAM-SID meta-data on files the NT installation doesn't
know about. In other words, a NTFS filesystem that has
SAM-SID meta-data that was only in the other system's
> or is there even a danger if the files are being done
> across a network?
You use the SMB protocol across a network. There are two
modes SMB works in:
1. Workgroup -- each systems maintain their own SAM-SID.
When accessing a remote system, you give remote credentials
to log into that system. Only the remote credentials go on
that remote system, so your fine.
2. Domain -- the domain is its own SAM-SID. When accessing
a remote system, you must provide domain credentials. Domain
SAM-SIDs go on that remote system, so you are also fine.
The only issues you run into are when you move local disks.
Domain controllers don't use their local SAM-SID, they
inherit the domain SAM-SID. Sans a few "goofs" by Microsoft,
this is fairly safe.
Domain members are more problematic because they have local
SAM-SID and domain SAM-SID. The safest bet is to ensure you
_only_ share NTFS filesystems that do _not_ have _any_ local
SAM-SID info on them.
E.g., if you are going to setup a member server with shares,
format the drives, NTFS and shares on a domain controller
_first_, then move them to a member server.
In reality, the "safest" NT server is one that is also a
domain controller. That forces it to not use its local
Bryan J. Smith | Sent from Yahoo Mail
mailto:firstname.lastname@example.org | (please excuse any
http://thebs413.blogspot.com/ | missing headers)
To unsubscribe, send email to email@example.com with
"unsubscribe silug-discuss" in the body.