Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Question
Friday, June 29, 2012 1:33 AM
Hello all, we are under AD and Exchange migration and need to know how to remove specific SID History from users cloned by ADMT to target domain after migration is finished.
I tested SID History deletion (just one of the SIDs of the SID History Attribute) by using ADSIEdit on one AD test account (being logged with domain admins account) but I got acces denied message. Do you know how this task could be accomplished to remove just specific SID History entries of several users?
Best regards, EEOC.
All replies (2)
Friday, June 29, 2012 1:53 AM âś…Answered | 1 vote
Here's a really good explanation of how to remove the values in a granular way, i.e. removing one value if more than one exists:
http://blog.joeware.net/2011/11/20/2338/
Tony www.activedir.org blog:www.open-a-socket.com
Friday, June 29, 2012 1:48 AM
Scripting is the way to go. Here's an example using the AD Powershell cmdlets:
http://technet.microsoft.com/en-us/library/powershell_remove_sid_history(v=ws.10)
Tony www.activedir.org blog:www.open-a-socket.com