New domain overwriting old domain accounts

Somehow I don't like how I titled this but oh well. What happened is I got hit with the IE bug on one of my servers which just happens to be my Domain controller and AD. So unfortunately I was forced to re-format and re-install Server and the AD/DNS role as I had it before. The domain name and other such information is identical to what it was before. I then added my client machines and user accounts to the AD exactly as they were before. However, upon restarting the client machines, it would seem it refreshed the domain and now recognizes this domain as a totally different domain, even though it is the same. When logging in as myself, none of my desktop is the same as it was, nor my files elsewhere. Upon further analysis, I found that the Users folder now has a duplicated folder: instead of "username", it says "username.DOMAIN". How can I get it back to where, when I log in as myself, I get MY files, and not this blank new one? Is there any way to merge these User folders into one? I'm sure there is more outside of the Users folder that would need to be merged too, but how can I do this?

My thoughts if there isn't a quick fix to this: Could I search the registry for my username.DOMAIN and replace all entries with my existing username folder? Along with searching for S-1-5-21-423432-43243243-432432432 (the old ID for the old account), which I luckily found by looking at some permissions on some network shares, where instead of my name it now shows this weird ID, and replacing that with the new S-blah-blah-blah ID in the registry? I sometimes get scared when changing things like this in the registry, but I have services that ran under my old account which are no longer running and I don't see any other ways to change it. Also, similarly, I'm sure there are applications that were installed and work for just that user; I would assume that there is more to it than just copying the files from the other user into mine.

codemann8

Posted 2014-05-05T04:56:55.370

Answers

Within the OS, Windows domains and user accounts are not identified by their name; they have a SID, "Security Identifier", based on a long randomly generated "domain SID", and – for users/groups – an incrementing "RID" (relative user ID).

For example, a domain might have the SID S-1-5-21-3623811015-3361044348-30300820, where S-1-5-21 describes the SID's type, 3623811015-3361044348-30300820 is the domain identifier, randomly chosen by the AD domain setup program. (Local accounts use a separate "domain SID" that is generated during Windows installation.)

Within that domain, a user might have the SID S-1-5-21-3623811015-3361044348-30300820-1013, where 1013 is the user's RID ("relative ID"), based on an incrementing counter. Even if you delete all accounts and create new ones with identical names, they will never get the same RIDs.

(Note that the network authentication protocols always send the username. The SIDs are only used in access lists within the machine.)


So, the problem is not that old accounts are being overwritten; it's the exact opposite – Windows sees you as a completely new account on a completely new domain, and takes care to separate you from files which list the old SID as their owner.

You will have to take ownership of your old profile (e.g. using takeown from command line), then copy all necessary files into your new profile directory.

Note that Windows Registry keys (kept in ntuser.dat) have the same security properties ("ownership" and "access lists"), so do not try to reuse your old ntuser.dat unless you change the ownership of its contents as well.


user1686

Posted 2014-05-05T04:56:55.370

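
Not part of the answer above: an added Python example that takes a SID apart the way the answer describes (revision, identifier authority, the randomly generated domain identifier, the RID) and then flags ACL entries that still point at a different domain, which is exactly what the question's "weird ID" on the network shares is. The old domain SID is the answer's example; the new domain SID and the RIDs are constructed placeholders.

```python
import re
from typing import List, Optional, Tuple

# Textual SID: "S-" revision "-" identifier authority, then one or more sub-authorities.
SID_RE = re.compile(r"^S-(\d+)-(\d+)((?:-\d+)+)$")


def parse_sid(sid: str) -> Tuple[int, int, List[int]]:
    """Split a SID string into (revision, identifier authority, sub-authorities)."""
    m = SID_RE.match(sid)
    if not m:
        raise ValueError(f"not a valid SID: {sid!r}")
    subs = [int(x) for x in m.group(3).split("-")[1:]]
    return int(m.group(1)), int(m.group(2)), subs


def domain_and_rid(sid: str) -> Tuple[Optional[str], Optional[int]]:
    """For S-1-5-21-X-Y-Z (domain) or S-1-5-21-X-Y-Z-RID (account) return
    (domain_sid, rid); rid is None for a bare domain SID. Well-known SIDs such
    as S-1-5-18 or S-1-5-32-544 are not domain-relative and give (None, None)."""
    revision, authority, subs = parse_sid(sid)
    if revision != 1 or authority != 5 or len(subs) not in (4, 5) or subs[0] != 21:
        return None, None
    domain = "S-1-5-21-" + "-".join(str(x) for x in subs[1:4])
    return domain, (subs[4] if len(subs) == 5 else None)


def same_domain(sid_a: str, sid_b: str) -> bool:
    """True only when both SIDs carry the same domain identifier."""
    da, _ = domain_and_rid(sid_a)
    db, _ = domain_and_rid(sid_b)
    return da is not None and da == db


def orphaned_sids(acl_sids: List[str], current_domain_sid: str) -> List[str]:
    """Domain-relative SIDs in an ACL that belong to some other domain: after a
    re-installed DC these are the entries shown as a raw S-1-5-21-... string."""
    return [s for s in acl_sids
            if domain_and_rid(s)[0] is not None and not same_domain(s, current_domain_sid)]


# Constructed sample data: the answer's example domain plays the *old* domain;
# the new domain identifier and both RIDs are placeholders, not real values.
OLD_DOMAIN = "S-1-5-21-3623811015-3361044348-30300820"
NEW_DOMAIN = "S-1-5-21-1111111111-2222222222-3333333333"
OLD_USER = OLD_DOMAIN + "-1013"
NEW_USER = NEW_DOMAIN + "-1000"   # same username, fresh RID on a fresh domain

if __name__ == "__main__":
    share_acl = [OLD_USER, NEW_USER, "S-1-5-18", "S-1-5-32-544"]
    print("old and new account share a domain?", same_domain(OLD_USER, NEW_USER))
    print("orphaned ACL entries:", orphaned_sids(share_acl, NEW_DOMAIN))
```
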
I made an edit (the last paragraph) 2 minutes before you submitted, could you respond to my thoughts there? It's more than just access to the files that I need. – codemann8 – 2014-05-05T06:38:05.657

@codemann8: What services were you talking about? – user1686 – 2014-05-05T12:52:02.067

I have a number of them, most of which aren't true "Services" that show up in the Windows Services window, those I have been able to switch over to the new user. An example of some service-like programs I have are No-IP or Plex Media Server just to name 2 of them. – codemann8 – 2014-05-05T16:59:07.537

? ? ? ? ? ? ? ? – codemann8 – 2014-06-02T16:06:20.490