[THIN] Re: How crazy would it be....
- From: "BRUTON, Malcolm, FM" <Malcolm.BRUTON@xxxxxxxx>
- To: "'thin@xxxxxxxxxxxxx'" <thin@xxxxxxxxxxxxx>
- Date: Fri, 20 Jan 2006 08:52:25 -0000
You are talking about using SID history which is slightly different. Using
SID history mean that groups or users will have the same SID in either
domain. Citrix uses the SID rather then the names of groups as should most
apps. If you are simply moving apps or servers form one domain to another
without using SID history, then the same group name in each domain will have
a different SID, and you will have to repermission any resources so they use
the new SID.
Malcolm
-----Original Message-----
From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf
Of Kwaj Dude
Sent: 19 January 2006 21:19
To: thin@xxxxxxxxxxxxx
Subject: [THIN] Re: How crazy would it be....
What we recently ran into is groups were migrated from one domain to another
keeping the SID. Worked great for access to shares/folders based on group
membership, totally didn't work with published apps access based on group
membership. Perhaps it does track SIDs, but based on the behavior that we
observed it certainly didn't fly with migrating across domains.
On 1/18/06, BRUTON, Malcolm, FM <Malcolm.BRUTON@xxxxxxxx
<mailto:Malcolm.BRUTON@xxxxxxxx> > wrote:
I'm not sure that statement is right.
If you rename a group in AD it will update it to the new name in the CMC on
published apps. Therefore it must be using the SID. Best way is to test
it....
You can have a farm in multiple domains at once. You obviously just need to
be careful with permissioning the right resources from each domain.
I have seen issues with RM that is split between domains (an NT4 domain and
an AD domain) where not everything works. Such as, you lose the ability to
run some reports in the CMC based on group membership and you must run it
only individual user accounts instead.
Hope this helps
Malcolm
-----Original Message-----
From: thin-bounce@xxxxxxxxxxxxx <mailto:thin-bounce@xxxxxxxxxxxxx>
[mailto:thin-bounce@xxxxxxxxxxxxx <mailto:thin-bounce@xxxxxxxxxxxxx> ] On
Behalf Of Kwaj Dude
Sent: 18 January 2006 02:05
To: thin@xxxxxxxxxxxxx <mailto:thin@xxxxxxxxxxxxx>
Subject: [THIN] Re: How crazy would it be....
As far as published apps go, Citrix only looks at account names/group names
- SIDs mean nothing. As long as the domain and te usernames remain the same
it shouldn't be an issue.
On 1/18/06, Jen hen <jen.work@xxxxxxxxx <mailto:jen.work@xxxxxxxxx> > wrote:
to migrate a complete citrix farm to a new AD forest? There will be trusts
between forests. The farm is not yet productional, so it can take a few
hick-ups.
Currently all the infrastructure pieces are 4.0 but the PS servers are 3.0
with SP 2005.04.
Thanks!
Jennifer Henske
****************************************************************************
*******
The Royal Bank of Scotland plc. Registered in Scotland No 90312. Registered
Office: 36 St Andrew Square, Edinburgh EH2 2YB.
Authorised and regulated by the Financial Services Authority
This e-mail message is confidential and for use by the
addressee only. If the message is received by anyone other
than the addressee, please return the message to the sender
by replying to it and then delete the message from your
computer. Internet e-mails are not necessarily secure. The
Royal Bank of Scotland plc does not accept responsibility for
changes made to this message after it was sent.
Whilst all reasonable care has been taken to avoid the
transmission of viruses, it is the responsibility of the recipient to
ensure that the onward transmission, opening or use of this
message and any attachments will not adversely affect its
systems or data. No responsibility is accepted by The Royal
Bank of Scotland plc in this regard and the recipient should carry
out such virus and other checks as it considers appropriate.
Visit our websites at:
http://www.rbs.co.uk/CBFM <http://www.rbs.co.uk/CBFM>
http://www.rbsmarkets.com <http://www.rbsmarkets.com/>
****************************************************************************
****
Other related posts:
