What would happen if a solo W2K DC were to crash, and the ..

Guest
Archived from groups: microsoft.public.win2000.security

I'd like to post a question to which I'd rather know the answer before
I'm actually confronted with the situation.

From experience I've had a Windows 2000 Pro workstation with 2 HDDs
running in a domain environment. On the second disk I implemented some
NTFS rights through domain accounts. This second disk also contained
some install files, so I would be able to easily install some items
that I needed.

Now when a reinstall came round for the machine, I got it up and
running. Then I wanted to access the second HDD for the install files,
but ran into a rights problem. I wasn't allowed to access the
secondary disk. After I added the machine to the domain and used a
domain account to log on, I no longer had the issue.

Now we get to the big question... I have a W2K DC, which is currently
running alone in the domain. There are no additional DCs active. It's
a home system, and the domain is merely there for me to try some minor
things with. This DC has multiple HDDs all with some right structures
implemented on them through the use of the domain accounts. One of the
HDDs (primary boot) has 3 partitions: "W2K server boot", "Private
Data" and "Everything else". There are two other HDDs in the system
that both hold one partition to the whole disk each. No spanning, no
RAID, no mirroring, no redundancy... Just three disks with the above
configuration.

Now the question is: What would happen if the DC were to crash, and
I'd be forced to reinstall it from scratch?

I'd need to reinstall the Active Directory, and recreate the accounts
(there's not that many so that's not that much of an issue, just
wiping the C: partition and reinstalling the server wouldn't be THAT
much of a hassle either), but when I recreate the accounts I'd be
creating the same accounts with different SIDs. Which would mean that
any right structures available on the HDDs / partitions would be
invalidated.

So my guess is that reinstalling the DC would mean I'd be unable to
retrieve ANY data from the disks / partitions, seeing the NTFS
security would lock me out of accessing them.

Would I be able to hook up the HDD to a workstation that is currently
logging on to the domain and access the disk through there? This would
require a copy action over the network, but it would be do-able. The
only real question that remains then is: Would the workstation allow
me to log on under a domain account that never logged on to it before?
My guess is not. So as a preparation strike, I could log on on a
workstation under the account that has full access to the disks, just
to make sure that I'd be able to log onto the PC while the DC itself
would be absent.

The only way around any rights issues I suppose would be Partition
Magic, and returning the partitions to FAT32, or create an NTFS DOS
boot disk, hook up another disk, copy the entire contents of the NTFS
disk to the new disk, then wipe, recreate the partition, and recopy
the data.

The other option would be a backup of the data (or just the System
State) of some sort. Seeing there is no backup hardware available to
back up the amount of data on the disks, this isn't something that's
active at the moment, nor do I have readily available funds to obtain
backup hardware to back up the whole of the HDD capacity to either a
new HDD, or tape. If the SystemState would be sufficient, I'd still be
looking at some solution that would give me access to that data on
some disk I'd be able to access. So possibly again a re-convert back
to FAT32?

Or would it be possible to plan for this, and give some local account
(Everyone?) access to all disks, while still implementing the rights
structure for when users access the machine over the network? (I'm
guessing the Everyone account would be recreated too, and as such its
SID would also be invalidated).

I'm checking into creating a new DC just to hold a copy of the AD so
I'd be able to at least get the data up and running normally again.
It'll be off most of the time, and I'll just need to start it every
now and then to replicate any changes (which hardly occur anyway) to
keep it updated. This however would cost me the use of a PC (although
it's an old one) as well as an HDD, but that would be a solution I can
at least feel somewhat secure with.

Anyone have any experience with this scenario?

Due to the fact I'll be going on vacation this week, it'll mean the
server will be off anyways, so there isn't a real hurry with any
answers. I'd just like to be sure about what scenarios I'd be facing
in the wake of some mishap that'd kill the AD for whatever reason.
Thanks in advance for any and all responses.

Neko-
 
Guest

Unless the data files are encrypted the data will ALWAYS be available to you
or anyone who has local administrator access to the computer even if the
domain no longer exists. All you have to do is put the hard drive in another
computer/rebuild the computer, log on as a local administrator, take
ownership of the folders/files, give yourself full control and you are in.
If you encrypt files with EFS or some other application make SURE you always
have backups of your EFS certificate and private key to a password-protected
.pfx file stored on media that is safe somewhere. The link below explains
how to take ownership and also applies to Windows 2000.

http://support.microsoft.com/default.aspx?scid=kb;en-us;308421

To protect your domain and Active Directory all you have to do is regularly
back up the System State of your domain controller. A System State backup
that is more than sixty days old will be no good in Windows 2000. I
generally back up my System State and any important data files. I use a DVD
burner or a second hard drive for such since hard drives are so cheap.

--- Steve

"Neko-" <neko@xs4all.nl> wrote in message
news:rc2od1h7q07gpjg52s9mdtrtg8mi76ncjv@4ax.com...

Guest

Neko

Steve has answered you, but I just wanted to say that it really does not
matter whether there is a domain involved or not, whether it is NT 3.51
or W2k3, etc. - there are two ways for NTFS storage to be accessible
when a disk is loaded into a different system (as with fresh install):
either built-in principals were used to grant NTFS access (like Users,
Administrators, Administrator, etc.) which will be honored in any build
or the built-in Administrator account can always take ownership of any
NTFS object and in so doing set (or have set) the permissions.

EFS is a major factor that can complicate this above statement, which
deals only with NTFS accessibility.

--
Roger Abell
Microsoft MVP (Windows Security)
MCSE (W2k3,W2k,Nt4) MCDBA
"Neko-" <neko@xs4all.nl> wrote in message
news:rc2od1h7q07gpjg52s9mdtrtg8mi76ncjv@4ax.com...

Guest

If taking ownership when moving an HDD/partition over through a local
admin would work then that in essence means that I'm not THAT screwed
if something happens to the AD.

EFS isn't used by me... I somehow have an aversion against using EFS
being that I'm always somewhat afraid the data may somehow still be
irretrievable even if one has taken all possible precautions.

That at least takes a load off my mind. I wasn't sure about how to
tackle this, but if the ownership bit works, that should suffice me
plenty I suppose.

Thanks for the speedy response :)

Neko-

On Mon, 18 Jul 2005 15:46:33 -0500, "Steven L Umbach"
<n9rou@nospam-comcast.net> wrote:

>Unless the data files are encrypted the data will ALWAYS be available to you
>or anyone who has local administrator access to the computer even if the
>domain no longer exists. All you have to do is put the hard drive in another
>computer/rebuild the computer, log on as a local administrator, take
>ownership of the folders/files, give yourself full control and you are in.
>If you encrypt files with EFS or some other application make SURE you always
>have backups of your EFS certificate and private key to a password-protected
>.pfx file stored on media that is safe somewhere. The link below explains
>how to take ownership and also applies to Windows 2000.
>
>http://support.microsoft.com/default.aspx?scid=kb;en-us;308421
>
>To protect your domain and Active Directory all you have to do is regularly
>back up the System State of your domain controller. A System State backup
>that is more than sixty days old will be no good in Windows 2000. I
>generally back up my System State and any important data files. I use a DVD
>burner or a second hard drive for such since hard drives are so cheap. ---
>Steve
>
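
An added illustration of the point made in the replies above (not part of the thread, and not code from any poster): a Python sketch that reads an NTFS DACL in SDDL form and reports which ACEs still name a principal once the disk is read by a system with a different domain identifier. The SDDL strings, the two domain identifiers and the function names are constructed for this example.

```python
import re

# Constructed sample values: the old and rebuilt domain identifiers are made up.
OLD_DOMAIN = "1111111111-2222222222-3333333333"
NEW_DOMAIN = "4444444444-5555555555-6666666666"

# Account SIDs look like S-1-5-21-<domain or machine id>-<RID>.
# A reinstalled DC generates a new id, so old ACEs no longer match any account.
DOMAIN_SID = re.compile(r"^S-1-5-21-(\d+-\d+-\d+)-(\d+)$")

# SDDL aliases for principals whose SID is identical on every installation.
WELL_KNOWN = {"BA": "S-1-5-32-544", "BU": "S-1-5-32-545", "SY": "S-1-5-18",
              "WD": "S-1-1-0", "AU": "S-1-5-11", "CO": "S-1-3-0"}

def classify(trustee, live_id):
    """Say whether an ACE trustee names a principal on the system reading the disk."""
    if trustee in WELL_KNOWN:
        return "well-known"
    m = DOMAIN_SID.match(trustee)
    if m:
        return "resolves" if m.group(1) == live_id else "orphaned"
    # Literal SIDs outside S-1-5-21 (e.g. S-1-5-32-544) are not tied to a domain.
    return "well-known" if trustee.startswith("S-1-") else "unknown"

def audit_dacl(sddl, live_id):
    """Return (ace_type, rights, trustee, status) for each ACE in the DACL."""
    dacl = re.search(r"D:([A-Z]*)((?:\([^()]*\))+)", sddl)
    if not dacl:
        return []
    rows = []
    for body in re.findall(r"\(([^()]*)\)", dacl.group(2)):
        # ACE fields: type;flags;rights;object_guid;inherit_guid;trustee
        fields = body.split(";")
        rows.append((fields[0], fields[2], fields[5], classify(fields[5], live_id)))
    return rows

def has_live_allow_ace(rows):
    """True if some allow ACE still names a principal on the live system."""
    return any(t == "A" and s in ("well-known", "resolves") for t, _, _, s in rows)

# Constructed DACLs: one granted only to domain accounts, one that also grants
# the built-in Administrators group (alias BA) full access.
DOMAIN_ONLY = (f"D:PAI(A;OICI;FA;;;S-1-5-21-{OLD_DOMAIN}-1104)"
               f"(A;OICI;0x1200a9;;;S-1-5-21-{OLD_DOMAIN}-513)")
WITH_BUILTIN = DOMAIN_ONLY + "(A;OICI;FA;;;BA)"

if __name__ == "__main__":
    for name, sddl in (("domain-only", DOMAIN_ONLY), ("with BA", WITH_BUILTIN)):
        rows = audit_dacl(sddl, NEW_DOMAIN)
        for row in rows:
            print(name, *row)
        print(name, "has a live allow ACE:", has_live_allow_ace(rows))
```

A DACL for which `has_live_allow_ace` is false is the case where a local administrator has to take ownership before the data can be read, as described in the replies.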