Re: [ActiveDir] Recreate BUILTIN\Incoming Forest Trust Builders

Mon, 14 Aug 2006 01:22:48 -0700

I dont think so. objectsid attribute is a systemonly attribute. Personally I am impressed of that "smart co-worker" that managed to delete it. According to the AD Delegation appendices http://www.microsoft.com/downloads/details.aspx?FamilyID=29dbae88-a216-45f9-9739-cb1fb22a0642&DisplayLang=en its not possible to move delete rename this group.

May be he exploited the dynamic objects feature in Windows 2003 RTM? http://blogs.dirteam.com/blogs/tomek/archive/2006/06/23/1175.aspx


M@


On 8/14/06, Han Valk <[EMAIL PROTECTED]> wrote:
Hi,

A smart co-worker deleted the BUILTIN\Incoming Forest Trust Builders group.
Is it possible to recreate this group with the same well known SID?
Authoritative restore is out of the question, deletetion is too long ago.

Han Valk.
List info   : http://www.activedir.org/List.aspx
List FAQ    : http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ml/threads.aspx

Reply via email to