An idea I came up with and am currently testing is:

Connect to FilerA via a Win2K management console and add local groups. Then add users from NTDom1 to the FilerA groups. These groups would, of course, have to be documented so that they can be created on FilerB in NTDom2 should the need ever arise. The groups on FilerB would then be populated with users from NTDom2. This seems like it would preserve the overall security structure of the volumes being mirrored and not require any significant reconfiguration on NTDom2.

-----Original Message----- From: Manish Anand Kinnerkar [mailto:Mak@wipro.co.in] Sent: Friday, June 27, 2003 2:48 AM To: toasters@mathworks.com Subject: RE: Question about mirroring

This would be like a practical Disaster recovery scenario,

I believe FilerB will have all shares of FilerA intact within itslef. After we make the mirror copy read write , the only problem we face now is that the acl's on the shares are useless , as the uids/domain do not exist.The authentication for this domain ceases to exist and thereby access is not possible at share level.

FilerB cannot be a member of multiple domains at the same time, and will continue to reside in NTDom2 domain.

Now it will be upto the administrator to manage these shares . Most logical thing to do would be to reassign them to new userids ( corresponding to old users of NTDom1) in current domain NTDom2 as NTDom1 has ceased to exist. Or create the NTDom1 domain all over again , but reassign share to the recreated userids.

Experts on Windows Domain architecuture please comment on the same, coz frankly i'm not an expert in Windows :)

regards, Mak.

-----Original Message----- From: Holland, William L [mailto:hollandwl@state.gov] Sent: Thu 6/26/2003 6:24 PM To: 'toasters@mathworks.com' Cc: Subject: Question about mirroring

Scenario:

FilerA is installed at SiteA mirroring to FilerB at SiteB. Both are in Windows networks and both are using CIFS. SiteA is in NTDom1 and SiteB is in NTDom2. NTDom1 and NTDom2 are Windows NT domains, Active Directory is not implemented, and their is no trust relationship between the two NT Domains. FilerA has been using global groups and users from NTDom1 on its ACL's.

SiteA along with FilerA ceases to exist for whatever reason. SiteB breaks the mirror and brings the volumes mirrored from FilerA online. Is it possible to access the files on those shares since NTDom1 no longer exists?