1

I used to run an Active Directory installation. The AD server had died a few years back and I'd just been running on cached credentials since I didn't have hardware available to rebuild on and hadn't been using AD for that many services.

I recently got a new server and am trying to get AD set back up. I am unable to boot the old system and don't know where backups are of the old AD tree. I was able to associate the computer to the new domain, but presumably since SIDs don't match up, it recreated new users with the same name (but a .000 on the user directory) for my user. I'm trying to figure out a good way to merge the old local user with the new AD account. I'm aware that it can be done by moving registry entries and files from one set of user files to the other such as is described here, but I wasn't sure if there might be a simpler, more direct way to force a re-association despite the change in SID. The domain name and username are the same for both.

Community
  • 1
AJ Henderson
  • 369
  • 3
  • 15

2 Answers2

3

As others said, you can't really do this. The cached credentials wouldn't be of much use anyway - as far as I know the only thing of much interest are the usernames and passwords and they are held using a different hash from the one on the directory so you can't reimport them.

User SIDS will be recreated in the new directory anyway, sort of by definition. If you want to import users from another domain so they keep their security rights you need to use the regular import tools. But you won't have those cached on the PC anyway. So you will need to (re)grant your users access to whatever domain resources they need.

Ken
  • 56
2

You should know that questions about home networks are off topic here, but I'll throw you a bone since this is easy.

You can't "force a re-association despite the change in SID" whatever that means. What you can do is use the User State Migration Tool, or simply use the Copy Profile feature to copy your old account's profile to your new one.

MDMarra
  • 101,323