Re: How do I restore security only on XP Pro?

From: Peter Clark (
Date: 04/28/03

Date: Mon, 28 Apr 2003 12:42:02 -0700

why not just: run secedit and export your security settings
to an inf, run local security policy and export your ipsec
settings (if any) backup your efs keys(if any) backup your
c:\documents and settings\%username% folders. export/backup
the syskey, the profilelist and user keys. check/backup
ms/third party programs that store user data in "other"
locations - licensing info also and for orginal setups.

"The final aim is to avoid re-registering the computer into
the domain again." humm probably need some entries from
the security hive also, probably in the secrets key.

install on a new machine and import the lot. simple. :-)
just an idea, but it will probably work.

>-----Original Message-----
>ASR would be similar to just doing a backup with system state
>and then restoring after the fresh install, which you
indicate you
>have reason for not wanting to do.
>Simply copying profiles is no longer an advised way of doing
>things. There is now stuff stored there that is SID
sensitive as
>well as controlled by encryption based on a hash of the
>The Fast approach would be very tedious if there are many
>but it will handle things like Office product identities,
email storage,
>etc. which is otherwise a little tricky.
>In the long run, trying for a shortcut based on simple
copy out
>and copy back will probably end up being more effort (again,
>depending on how much of this you need to do)
>"Vince C." <> wrote in message
>> "Roger Abell {MVP}" <> a écrit dans le
message de
>> news:eRPWbBYDDHA.2100@TK2MSFTNGP11.phx.gbl...
>> > There is no tool available to do exactly what you ask.
>> > What you can do however, is to use the Fast tool (file
>> > and settings transfer = fast) to collect together what
>> > should be transferred from an old account and restored
>> > into the new accounts.
>> > You will need to define the new accounts in the new
>> > install. For each account you need to log in before in
>> > the old system and then again in the new system, each
>> > time running Fast.
>> > You will find Fast as the fastwiz file in the CD, IIRC it
>> > its in the support folder. You will want to filter down
>> > rather severely what files are transferred, keeping things
>> > like the email software's pst pab etc files, but not
>> > things like exe files or the transfer file will become
>> >
>> > --
>> > Roger
>> Thanks Roger.
>> If I understood there is no way to recover the machine
SID, for instance? At
>> that level it seems it's as fast to save my profiles
somewhere, logon using
>> new accounts and restore all profiles from saved
locations. I also assume
>> I'll need to set access rights on all registries
>> I read a little on ASR (Automated System Recovery).
Can't it substantially
>> do what I want? I won't have both machines in the same
time, that's my
>> problem...
>> Vince C.

Relevant Pages

  • Re: I cant select text using word 2007.
    ... With this being a new load with no profiles on the machine, ... Logging in as another user loads templates and add-ins from a different ... It's highly unlikely that the problem is the result of a security patch -- ... If you hover over the scroll bar, ...
  • Re: 2005 Express how to encrypt db
    ... To solve this problem, in addition to having good security for the program, ... attach to another SQL Instance. ... Security Considerations for Backup and Restore (SQL Server) ...
  • Re: Default User Serurity Permission
    ... and then the [File Security] section. ... and once a new MMC console opens, ... > profiles, I just changed them. ... >>Restore XP to installation Security Defaults ...
  • Re: Backup - Not Getting Any Response - Please Help
    ... Boot from DVD and Reformat of the System Partition would be the way to ... With a re-install the SIDs will change so the users will have to ... Reconnect to the "New" Domain and so will get new Profiles. ... I'd suggest you do an Exchange aware backup ...
  • Re: User Conectivity at Home
    ... systems are all secured via profiles and passwords. ... having a shared folder setup for "everyone" is a breach of such security. ... If your network is behind a NAT router, then your file sharing is more or less ... A designated folder for sharing to "Everyone" isn't a breach of security, ...