In this blog post I'm going to show you how to remove the SIDHistory from an object in Active Directory after a domain migration. If you attempt to use standard Microsoft tools such as ADSIEdit to remove the SIDHistory from an object regardless what access rights you have been assigned, the following error will be presented.
Operation failed. Error code: 0x5
Access is denied
00000005: SecErr: DSID-031A1256, problem 4003
(INSUFF_ACCESS_RIGHTS), data 0
To remove SIDHistory from an object you need to use the following VBScript from Microsoft KB295758.
http://support.microsoft.com/en-us/kb/295758
Simply copy and paste the script into a notepad document then run the script with the following arguments to remove the SIDHistory entries from the object in question.
Operation failed. Error code: 0x5
Access is denied
00000005: SecErr: DSID-031A1256, problem 4003
(INSUFF_ACCESS_RIGHTS), data 0
To remove SIDHistory from an object you need to use the following VBScript from Microsoft KB295758.
http://support.microsoft.com/en-us/kb/295758
Simply copy and paste the script into a notepad document then run the script with the following arguments to remove the SIDHistory entries from the object in question.
This is dummy text. It is not meant to be read. Accordingly, it is difficult to figure out when to end it. But then, this is dummy text. It is not meant to be read. Period.
ConversionConversion EmoticonEmoticon