Hello,
We moved from an old domain to a new one including with new fileservers. I have done this with robocopy to preserve the NTFS security entries for the old domain.
After this I added entries for the new domain using subinacl. ( the migrateto option ). Resulting in double ntfs entries.
Now I am trying to remove old NTFS security entries from a file server. However they are resolved by the new domain based on SID history.
And another problem I have is that the old domain is not available anymore. So I cannot use subinacl to remove them.
Is there an option to remove ACL entries base on the first numbers of a SID?. Example:
S-1-5-21-138* < NEW domain
S-1-5-21-187* < OLD domain
So I would like to remove all ACE that start with: S-1-5-21-187*
Is this possible or is there an alternative way to do this?
Thank You,