Using Ghost Walker | Symantec 10024709 instruction

146Updating Security Identifiers (SIDs) and computer names

Using Ghost Walker

It appears that the accessing user is given the rights that the accessed user has by proxy. For example, the access is performed on behalf of the accessing user by the accessed user, just because there is a user name/password match. This can best be seen when specific access rights are granted remotely by the accessing user to a resource on the accessed computer. The Access Control List shows that the accessed user is the user who has rights to the resource.

Updating the SID on a workstation does not stop this situation from occurring.

You must change the password of one of the users.

Using Ghost Walker

Ghost Walker lets you alter identification details of Windows 95, Windows 98, Windows Me, Windows NT, and Windows 2000/XP computers following a clone operation. Each Windows 95, 98, or Me computer can be assigned a unique name. Each Windows NT or 2000/XP computer can be assigned a unique computer name and a Machine Security Identifier (SID).

When you update the SID using Ghost Walker, all existing workstation users and their passwords, permissions, and registry settings are maintained.

Ghost Walker can be operated from the graphical user interface or from the command line. Ghost Walker does not run from:

■A Windows NT or 2000 DOS shell

■A Windows 95, 98, or Me DOS shell

The Ghost Walker window lists all bootable Windows 95, 98, Me, NT, XP, and 2000 systems on the computer hard drives. Ghost Walker determines that there is an installed operating system if a full set of registry hive files and the operating system kernel executable are located in their normal locations.

Ghost Walker lists the following operating system details:

■Logical ID (system ID generated by Ghost Walker)

■Drive number

■Partition number

■Volume label (partition name)

■Partition file system type

■Computer name

■Operating system type, version, or build

Image 146

Symantec 10024709 manual Using Ghost Walker

Contents

Norton Ghost User’s Guide Trademarks Norton Ghost User’s GuideCopyright Notice Symantec License and Warranty S. Government Restricted Rights Contents Chapter Backing up, restoring, and cloning from Norton Ghost Chapter Image file options Chapter Backing up, restoring, and cloning from DOS Chapter Managing partitions using GDisk Appendix USB and DirectParallel Cables Appendix Diagnostics Contents About Norton Ghost Introducing Norton Ghost What’s new in Norton Ghost How Norton Ghost works Virtual Partition Hardware restrictions Preparing for an emergency See Restoring your computer from an image file on Norton Ghost componentsNorton Ghost wizards See Restoring from an image file on Backup Wizard Clone Wizard Run Ghost Interactively Wizard Norton Ghost executable Ghost Boot Wizard Ghost Explorer GDisk Ghost Walker Installing Norton Ghost Ghost.exe Supported backup mediaMinimum system requirements CD and DVD writing See Cloning with Linux on Installing Norton GhostDisaster recovery requirements See Preparing for an emergency on To install Norton Ghost from Norton SystemWorks To start the installation from the Norton Ghost CD Installing Norton GhostTo install Norton Ghost from the Norton Ghost CD If the opening screen does not appear To register Norton Ghost To uninstall Norton Ghost Uninstalling Norton GhostTo update Norton Ghost using LiveUpdate Updating Norton Ghost Uninstalling Norton Ghost Backing up, restoring, and cloning from Norton Ghost When to use Norton Ghost in Windows Starting Norton Ghost in Windows Starting Norton Ghost from the tray icon To start Norton Ghost in Windows To back up a hard disk or partition Creating a backup image fileTo start Norton Ghost from the tray icon Restoring your computer from an image file See Setting Norton Ghost options and defaults onSee Creating a recovery boot disk on See Identifying a hard disk on To restore a disk or partition See Viewing image files on Cloning a hard disk or partition To create a clone task Launching Ghost.exe peer-to-peer See Installing USB peer-to-peer drivers onTo run Ghost.exe peer-to-peer using USB Click USB peer-to-peer To run Ghost.exe peer-to-peer using TCP Click TCP peer-to-peer Click LPT peer-to-peer See Setting LPT peer-to-peer drivers onTo run Ghost.exe peer-to-peer using LPT Identifying a hard disk To identify a disk Identifying a hard disk Setting options and defaults Setting Norton Ghost options and defaults To add command-line switches to a task Adding command-line switches to a taskSetting the options for a mapped network drive Assigning a drive letter to a CD/DVD drive See Selecting a template on Setting display optionsClick Map network drive To set the options for a mapped network drive To uninstall MS-DOS Setting the DOS versionTo install MS-DOS See Providing MS-DOS on HIMEM.SYS WFWSYS.CFG To install the Microsoft DOS Client files Setting the image integrity check defaultSetting a compression level See Checking the integrity of an image file on Adding free space to the Virtual Partition Assigning a password to an image fileTo assign a password To set the compression level To install Scsi drivers Installing Scsi driversSee Installing extra drivers on To specify additional free space in the Virtual Partition To install external device drivers Setting external storage device driversSetting TCP/IP drivers Setting LPT peer-to-peer drivers To install TCP/IP drivers To install extra drivers Installing extra driversTo install LPT peer-to-peer drivers To select USB peer-to-peer drivers Installing USB peer-to-peer driversRunning your computer from the Virtual Partition To create the Virtual Partition from a folder Checking the integrity of an image fileRestarting your computer from the Virtual Partition To restart your computer in Windows Starting Ghost.exe See Adding command-line switches to a task onViewing the task log To check the integrity of an image file What to do if a task fails To start Ghost.exe Image file options Image files and compression See Command-line switches onAbout Norton Ghost image files Performance expectations on a network Image files and volume spanningImage files and CRC32 Standard image files Spanned image files Limitations on the image file sizeSize-limited image files Spanning across multiple volumes and limiting span sizes Restoring from a spanned image Image files and tape drives See Adding switches to your Ghost operation onSee Standard boot disks on GoBack and Ghost.exe See Creating a backup image file onGoBack and Norton Ghost See Reinitializing the Master Boot Record on Dynamic disks in Windows 2000/XP Hibernation and swap files Spart.par Swapper.dat Toshiber.dat Virtpart.dat Win386.swp Creating boot disks with the Ghost Boot Wizard When to create a Ghost boot disk Introducing the Norton Ghost Boot WizardWhat is a Ghost boot disk How to use a Ghost boot disk When to include MS-DOS on a boot disk Files included on a Ghost boot diskCreating a recovery boot disk To open the Ghost Boot Wizard Opening the Ghost Boot WizardTo test your recovery boot disk or CD/DVD Creating boot disks and boot images See Boot disks with network support Standard boot disks See Image files and CD/DVD writers on Creating boot disks and boot images Creating boot disks and boot images Boot disks with network support To create a boot disk with network support Creating boot disks and boot images Boot disks with CD-ROM and DVD support To create a boot disk with CD-ROM and DVD support To create a boot disk that supports mapping network drives Boot disks with drive mapping network supportSee Installing MS-DOS Client files on Creating boot disks and boot images Selecting a template Click Device Manager Expand Network Adapter To create a multicard template Multicard templates and the boot diskSee Adding network drivers to the Ghost Boot Wizard on To begin adding a network driver to the Ghost Boot Wizard Adding network drivers to the Ghost Boot WizardAdding packet drivers to the Ghost Boot Wizard To add a packet driver to the Ghost Boot Wizard Adding NDIS2 drivers to the Ghost Boot Wizard To add an NDIS2 driver to the Ghost Boot Wizard To modify a template Adding command-line parameters to a boot packageCustomizing the template Check Copy System Files Providing MS-DOSClick Start Program Files Windows Explorer Clone Parameters Description To install MS-DOS on your computer To uninstall MS-DOS from your computer Backing up, restoring, and cloning from DOS An overview of using Ghost.exe To use Norton Ghost Starting the Norton Ghost executable Marking your disks See Creating boot disks and boot images onNavigating without a mouse \progra~1\symantec \Norton~1\ghost.exe Establishing a peer-to-peer connection with Ghost.exe Action Master Slave To connect two computers peer-to-peer Backing up a hard disk to an image file Local Click Local Disk To Image To back up a disk to an image file See Verifying image integrity on See Image files and volume spanning onBacking up a partition to an image file Local Click Local Partition To Image See Image files and compression on Restoring a hard disk from an image file To restore a disk from an image fileRestoring from an image file Local Click Local Disk From Image Restoring from an image file Local Click Local Partition From Image To restore a partition from an image fileRestoring a partition from an image file Cloning disks and partitions Cloning disk to disk To clone disk to disk To clone from partition to partition Cloning partition to partitionLocal Click Local Partition To Partition To verify the integrity of an image file Verifying image integrityLocal Click Local Check Image File Adding switches to your Ghost operation To verify the integrity of a disk To add switches to your Ghost operation Tab Command-line options Adding switches to your Ghost operation Backing up and restoring with CD-R/RW and DVD- R/RW Image files and CD/DVD writers Type of drive Media 114 Backing up and restoring with CD-R/RW and DVD-R/RW Splitting an image file during a backup To split an image file as it is created 116 Backing up and restoring with CD-R/RW and DVD-R/RW Using Ghost Explorer to modify image file contents Understanding Ghost Explorer Click Ghost Utilities Click Norton Ghost Explorer Viewing image filesLaunching a file See To open Ghost Explorer on See Determining Norton Ghost image file version on Extracting a file or directory from an image fileModifying image files in Ghost Explorer To launch a file Listing the contents of an image file Setting span file sizes To split an existing image file Splitting an image fileCompiling a file Determining Norton Ghost image file version Using Ghost Explorer from the command lineTo start Ghost Explorer from a command prompt Type Ghostexp See Listing the contents of an image file on See Setting span file sizes on To set the correct char set Using Ghost Explorer with long file namesDouble-clickRegional Options Using Ghost Explorer from the command line Managing partitions using GDisk To run GDisk Introducing GDiskRunning GDisk To run GDisk32 Overview of main command-line switches Mode Switch Explanation Switch Explanation Online Help for command-line switchesSwitches common to all GDisk commands Creating a partition Reinitializing the Master Boot Record Syntax for this command is as follows Gdisk disk /mbr /wipe Showing information about disks Performing multiple GDisk operations using batch mode FAT16 partitions in Windows NT Deleting and wiping your disk Diskwipe switches Activating or deactivating a partition Hiding or unhiding a partition Displaying the list of current boot entries Modifying the Windows NT/2000/XP boot menuSpecifying the boot.ini path and file name Adding an entry to Boot.ini Adding an entry for starting Windows NT/2000/XP 140 Managing partitions using GDisk Remove switches Removing an entry from Boot.iniSetting the default boot option and timeout Support for Large Hard Disks Updating Security Identifiers SIDs and computer names Norton Ghost Walker capabilities Norton Ghost Walker limitations SID changing limitations Loss of access to external data objectsIdentical user names and passwords across workstations Using Ghost Walker 147 Running Ghost Walker from the command line Switch Description Examples Sure Following is an example of command line use Using Ghost Walker Command-line switches To list Norton Ghost command-line switches Using Norton Ghost with switchesCommand-line switches Ghost.exe -h Ghost.exe -? See Clone switch usage on With -cns See -CRC32 switch usage on Dl=number Specified Require forensic images Type Based On Value Piii ID To reinstall Lilo When automating Norton Ghost in a batch command file CRC32 vexcept option See Setting a destination size for the clone switch on See Image files and compression on Switch Action Clone switch usageDefining the type of clone command Table A-1 Table A-2 Setting a source for the clone switchMode Source Destination Switch Source Explanation Table A-3 Switch Destination Explanation Setting a destination for the clone switchSetting a destination size for the clone switch Table A-4 Table A-5 Examples of clone switch usageSwitch Function Table A-6 CRC32 switch usage Ntfs Parameter Explanation Examples of -CRC32 usageTable A-7 Table A-8 Files not checked with CRC Ghost.exe and the Virtual Partition \WINDOWS\TEMPOR~1\CACHE4\ Ghost.exe and the Virtual Partition Transfer methods and hardware setup See USB and DirectParallel Cables on Transfer and hardware requirementsPeer-to-peer connections CD/DVD usage Scsi tape drivesRemovable media Internal drives Third-party devices USB and DirectParallel Cables Parallel Technologies cables Other USB cables Parallel Technologies cables Other USB cables Wattcp.cfg network configuration file Wattcp.cfg configuration file Wattcp.cfg key words Table D-1 Wattcp.cfg configuration fileWattcp.cfg key words Keyword Description Wattcp.cfg key words Wattcp.cfg key words Cloning with Linux Position of disk Supported configurationsBoot configuration Norton Ghost utility support Norton Ghost utility support Troubleshooting Error code Description Ghost.exe error messagesSee Service and support solutions on Table F-1 Creating an image on an Ntfs partition Problems running Norton GhostCard not found/Card not installed Cannot start from drive a Missing hibernation file To change your computer’s settingsWindows NT blue screen Computer fails to restart Getting out of the Virtual Partition Cancelling a Ghost.exe operationInstalling and uninstalling Norton Ghost Writing to a recordable CD or DVD Connecting using USB peer-to-peerSee Installing from the command line on Supported CD-R/RW and DVD drives Inaccessible CD-ROM drive IDE CD-ROM drives CD-R/RW disc Loading CD-R/RW drivers Using the correct boot diskOutdated computer Bios Loading Ghost.exe from the floppy disk drive Using third-party software to write to the CD-R/RW disc Outdated CD-R/RW drive BiosUsing PC-DOS or MS-DOS To write an image to CD using third-party software Diagnostics Creating a full diagnostic statistics dump summary Hard drive detection and diagnostic informationAbort error file Ghosterr.txt View Log Testing TCP/IP functionality \ ping LocalHost Testing TCP/IP functionality Installing Norton Ghost from the command line Choosing an interface type for installation Choosing an installation mode Table H-1 Installing from the command lineProperty Default value Description Msiexec /x path to msi package \Norton Ghost.msi /q or /qb Uninstalling from the command lineTo uninstall Norton Ghost from the command line Table H-2 Support for old and dis versions Service and support solutionsTechnical support Customer service Worldwide service and support Service and support offices Other Latin America Subscription policyMexico Glossary Partition Index Index Index LPT USB Index CD Replacement Form Norton Ghost