Mutsje
Admin
| Posts: 468 |  |
|
Restoring Shares on a server - 2006/05/10 11:05
The information in this article applies to:
- Microsoft Windows NT Server versions 3.1, 3.5, 3.51, 4.0
- Microsoft Windows NT Workstation versions 3.1, 3.5, 3.51, 4.0
- Microsoft Windows NT Advanced Server
- Microsoft Windows 2000 Professional
- Microsoft Windows 2000 Server
- Microsoft Windows 2000 Advanced Server
-------------------------------------------------------------------------------
SUMMARY
=======
If you need to:
- reinstall Windows NT over an existing installation (a clean install, not an
upgrade)
- move all of your data drives from one server to another
- install Windows NT to another directory or drive on a computer that already has
Windows NT installed
you can save the share names that exist on the original Windows NT installation,
including any permissions assigned to those shares.
MORE INFORMATION
================
WARNING: Using Registry Editor incorrectly can cause serious, system wide
problems that may require you to reinstall Windows NT to correct them. Microsoft
cannot guarantee that any problems resulting from the use of Registry Editor can
be solved. Use this tool at your own risk.
To save only the existing share names and their permissions on Windows NT follow
these steps:
NOTE: This procedure applies only to NetBIOS shares and not Macintosh volumes.
1. On the existing Windows NT installation containing the share names and
permissions that you want to save, run the Registry Editor (Regedt32.exe).
2. From the HKEY_LOCAL_MACHINE subtree, go to the following key:
SYSTEMCurrentControlSetServicesLanmanServerShares
3. Choose Save Key from the Registry menu.
4. Type a new file name (a file extension is not necessary) and save the file to
a floppy disk).
5. Reinstall Windows NT
6. Run Registry Editor. (Regedt32.exe)
7. From the HKEY_LOCAL_MACHINE subtree, go to the following key:
SYSTEMCurrentControlSetServicesLanmanServerShares
8. From the Registry menu choose Restore.
9. Type the path and file name of the file that you saved in steps 3 and 4.
CAUTION: This step overrides whatever shares already exist on the Windows NT
machine with the share names and permissions that exist in the file you are
restoring. You are warned about this before restoring the key.
NOTE: If, after completing the procedure above, you decide that you should not
have restored the Shares key, restart the computer and press the Spacebar to
use the Last Known Good Configuration.
10. Restart the server.
After restoring the shares key, the shares can be used by network clients.
Although running NET SHARES on the server displays the shares, File Manager does
not. To make File Manager aware of the newly restored shares, create any new
share on the server. File Manager will then display all of the other shares
after you reboot the server or stop and re-start the Server service.
In Windows NT 3.5, if you choose "Stop Sharing" in file manager, the restored
shares will still show up, but they are grayed out.
Only permissions for domain users are restored. If a local user was created in
the previous Windows NT installation, that local user's unique security
identifier (SID) is lost.
NTFS permissions on directories and files are not affected when you save and
restore the shares key.
Additional query words: migrate
======================================================================
Keywords :
Technology : kbWinNTsearch kbWinNTWsearch kbwin2000AdvServSearch kbWinNTSsearch kbWinNTAdvSerSearch kbwin2000Ssearch kbwin2000ProSearch kbExchange400 kbWinAdvServSearch kbSDKDAO351
Version : :2000,3.1,3.5,3.51,4.0
=============================================================================
Copyright Microsoft Corporation 2001.
GPO adicted |
|
|
| | The administrator has disabled public write access. |
elevator
User
| Posts: 2 |  |
|
Re:Restoring Shares on a server - 2006/07/16 21:36
When you dont like messing around in the registry, you might rather use a VBScript and the correct API calls for this.
I once wrote a script to keep two fileservers in sync with regards to fileshares - it is based on code i found on: http://cwashington.netreach.net/depo/view.asp?Index=1068&ScriptType=vbscript
| Code: |
'====================
' ShareSetup.vbs
' Credits: parts of various other posted scripts used -
' http://cwashington.netreach.net/depo/view.asp?Index=1068&ScriptType=vbscript
' Requirements: Admin Rights
'====================
Option Explicit
Const PERM_FULL = 2032127
Const PERM_CHANGE = 1245631
Const PERM_READ = 1179817
Const FILE_SHARE = 0
Const MAXIMUM_CONNECTIONS = 25
Const DOMAIN_NAME = "domainname"
'
' ******************
' *** Share a folder using the specified security descriptor
' ******************
'
Sub ShareFolderWithDescriptor(ComputerName, FolderName, ShareName, DescriptionStr, SecDesc)
Dim Services
Dim Share
Dim InParam
' Initialize basic services
Set Services = GetObject("WINMGMTS:{impersonationLevel=impersonate,(Security)}!\\" & ComputerName & "\ROOT\CIMV2")
' and start creating the service
Set Share = Services.Get("Win32_Share")
Set InParam = Share.Methods_("Create").InParameters.SpawnInstance_()
InParam.Properties_.Item("Access") = SecDesc
InParam.Properties_.Item("Description") = DescriptionStr
InParam.Properties_.Item("Name") = ShareName
InParam.Properties_.Item("Path") = FolderName
InParam.Properties_.Item("Type") = 0
Share.ExecMethod_ "Create", InParam
End Sub
'
' ******************
' *** Share a folder
' ******************
'
Sub ShareFolder(ComputerName, FolderName, ShareName, AccountName, DescriptionStr)
Dim Services
Dim SecDescClass
Dim SecDesc
Dim ACE
Set Services = GetObject("WINMGMTS:{impersonationLevel=impersonate,(Security)}!\\" & ComputerName & "\ROOT\CIMV2")
Set SecDescClass = Services.Get("Win32_SecurityDescriptor")
Set SecDesc = SecDescClass.SpawnInstance_()
'Use SetGroupTrustee for groups and SetAccountTrustee for users
Set ACE = CreateACE( Services, SetGroupTrustee(DOMAIN_NAME, AccountName) )
' now add the security descriptor
SecDesc.Properties_.Item("DACL") = Array(ACE)
Call ShareFolderWithDescriptor(ComputerName, FolderName, ShareName, DescriptionStr, SecDesc)
End Sub
'
' ******************
' *** Helper function to create an Access Control Entry using an trustee object
' ******************
'
Function CreateACE(Services, Trustee)
Dim ACE
Set ACE = Services.Get("Win32_Ace").SpawnInstance_
ACE.Properties_.Item("AccessMask") = PERM_FULL
ACE.Properties_.Item("AceFlags") = 3
ACE.Properties_.Item("AceType") = 0
ACE.Properties_.Item("Trustee") = Trustee
Set CreateACE = ACE
End Function
'
' ******************
' *** Create an security object for the specified useraccount in the specified domain
' ******************
'
Function SetAccountTrustee(strDomain, strName)
Dim objTrustee
Dim account
Dim accountSID
set objTrustee = getObject("Winmgmts:{impersonationlevel=impersonate}!root/cimv2:Win32_Trustee").Spawninstance_
set account = getObject("Winmgmts:{impersonationlevel=impersonate}!root/cimv2:Win32_Account.Name='" & strName & "',Domain='" & strDomain &"'")
set accountSID = getObject("Winmgmts:{impersonationlevel=impersonate}!root/cimv2:Win32_SID.SID='" & account.SID &"'")
objTrustee.Domain = strDomain
objTrustee.Name = strName
objTrustee.Properties_.item("SID") = accountSID.BinaryRepresentation
set accountSID = nothing
set account = nothing
set SetAccountTrustee = objTrustee
End Function
'
' ******************
' *** Create an security object for the specified usergroup in the specified domain
' ******************
'
Function SetGroupTrustee(strDomain, strName)
Dim objTrustee
Dim account
Dim accountSID
set objTrustee = getObject("Winmgmts:{impersonationlevel=impersonate}!root/cimv2:Win32_Trustee")
.Spawninstance_
set account = getObject("Winmgmts:{impersonationlevel=impersonate}!root/cimv2:Win32_Group.Name='
" & strName & "',Domain='" & strDomain &"'")
set accountSID = getObject("Winmgmts:{impersonationlevel=impersonate}!root/cimv2:Win32_SID.SID='
" & account.SID &"'")
objTrustee.Domain = strDomain
objTrustee.Name = strName
objTrustee.Properties_.item("SID") = accountSID.BinaryRepresentation
' and clean up
set accountSID = nothing
set account = nothing
set SetGroupTrustee = objTrustee
End Function
' *********************
' Arrays containing the share information
Dim sourceShares
Dim sourceSecurity
Dim arSize
' individual share items
Dim objItem
' Initialize variables
sourceShares = Array()
sourceSecurity = Array()
' Now first ensure the needed commandline parameters were given
If WScript.Arguments.Count < 2 Then
WScript.echo "Incorrect usage - please specify source server and destination server"
WScript.echo "eg: Replicate_Shares.vbs KANT MARX"
WScript.echo "to replicate shares from server KANT to server MARX"
WScript.quit
Else
Dim SourceServer: SourceServer = WScript.Arguments(0)
Dim DestServer: DestServer = WScript.Arguments(1)
WScript.Echo "Replicating shares from " & SourceServer & " to " & DestServer
End If
Dim objWMIService: Set objWMIService = GetObject("winmgmts:\\" & SourceServer & "\root\cimv2")
Dim colItems: Set colItems = objWMIService.ExecQuery _
("SELECT * FROM Win32_Share WHERE Status='OK' AND type='0'",, 48)
' Now iterate through all available file shares
For Each objItem In colItems
' Expand the shares array
arSize = UBound(sourceShares) + 1
ReDim Preserve sourceShares(arSize)
ReDim Preserve sourceSecurity(arSize)
' Connect to WMI and get the share security object for the share
Dim oShareSecSetting: Set oShareSecSetting = GetObject( _
"winmgmts:\\" & SourceServer & "\root\cimv2:Win32_LogicalShareSecuritySetting.Name='" & objItem.Name & "'")
' and add this specific share to the array
Set sourceShares(arSize) = objItem
' Get the security descriptor seperateley
Dim oSecurityDescriptor
Dim i: i = oShareSecSetting.GetSecurityDescriptor(oSecurityDescriptor)
Set sourceSecurity(arSize) = oSecurityDescriptor
Next
Dim counter
For counter = 0 to arSize
Set objItem = sourceShares(counter)
WScript.Echo "Creating: " & objItem.Name & " ==> " & objItem.Path
Set oSecurityDescriptor = sourceSecurity(counter)
Call ShareFolderWithDescriptor(DestServer, _
objItem.Path, _
objItem.Name, _
objItem.Description, _
oSecurityDescriptor )
Next
|
|
|
|
| | The administrator has disabled public write access. |
|
