1

I was wondering what would happen if i need to reinstall Windows 2008 R2 which is set as file server joined to second computer which is set as domain controller.

The file server have second drive d: on which are files setup based on permission from domain controller active directory.

If i reinstall file server, then join again file server to domain would share permission stay on second drive, if not, how do i set again or transfer same permission after reinstalling file server ?

Also i found this article but don't know would it be enough. https://support.microsoft.com/en-us/kb/125996 If this article is ok what about subdirectory special permissions then, anyone done this before ?

Greg Askew
  • 35,880
  • 5
  • 54
  • 82
whitesnake
  • 25
  • 4

2 Answers2

2

That article should be sufficient to restore the share permissions. If you are rejoining to the same domain, the file/directory permissions should not require any changes if you use builtin/well-known security principals or domain groups/users for permissions. If you use custom local groups/users on the file server to assign permissions, there really aren't any straightforward/simple solutions.

As Joe said, you can use ICACLS to dump the file system permissions. That would probably be a good idea, in case there are local security principals used for permission assignment that you aren't aware of. It would be advisable to not make any assumptions about what permissions are assigned. You should also run that on the file server, and not from another computer.

Greg Askew
  • 35,880
  • 5
  • 54
  • 82
  • In this scenario i am rejoing existing file server to existing domain. So if i only format c partition, reinstall and join again file server with existing shared data on second hdd with partition d and shared folders, based on a link from microsoft (in first post) it should do the trick ? – whitesnake Nov 27 '15 at 17:55
  • You will need to restore the share information in the registry as described in KB125996. If the NTFS permissions are all domain users/groups or builtin security principals, those should not need any modifications. – Greg Askew Nov 27 '15 at 18:05
1

The article you linked in your question would be the method to use to save and restore the Shares and Share permissions but it won't save or restore the NTFS permissions. One method to save and restore the NTFS permissions would be to use the icacls command. You can read more about it at the link below:

https://technet.microsoft.com/en-us/library/cc753525.aspx?f=255&MSPPError=-2147217396

joeqwerty
  • 109,901
  • 6
  • 81
  • 172
  • So if i understand corectly, if the user with the name lets say "mike" org group "mike" had permission to read only in the shared folder lets say "data/something/123" the permission to read wont be added after top article used ? – whitesnake Nov 27 '15 at 16:09
  • I just wont to bring back existing share permissions for users in this scenario so they can continue to work. – whitesnake Nov 27 '15 at 17:57