Disclaimer: The first thing I have to say is use this at your own risk.
XMove is designed to simply backup directories (with some compression) and to restore them. The primary feature for using this instead of the windows tool is if you anticipate the potential for catastrophic failures and you also anticipate having a backup of your data (namely the data generated by this tool). It saves all of the security settings of the files and the users involved and stores that list of users internally as well. It then allows you to remap those users from the old domain where the backup occurred to the new domain (which is also handy if you prop data into multiple environments with different domains).
I've only tested this on Windows 2003 and Windows XP. Your mileage may vary. Reparse points aren't supported. If you don't know what they are, you don't need to worry about it. For those that do, you will end up with two copies instead of two files linked to the same data.
Here's the help generated by the file:
Exactly one of: -b, -r, -t, -d, or -u should be specified! Exactly one backup file should be specified! XMove -- cross domain backup and restore tool. Usage: [[[-b|-r|-d]
]|[-u|-t]] -f [-m ] [-b|-r|-d] -- backup the specified path -- restore to the specified path -- display the path in the backup file -u -- list users in the file -t -- test the backup file with the specified map -f -- the backup file name -m -- the name of the map file on restore or test only Examples: XMove -b c:\mydir -f c:\mydir.bkp -- backs up c:\mydir directory into c:\mydir.bkp (includes "mydir") XMove -r d:\newdir -f c:\mydir.bkp -- restores the mydir directory creating d:\newdir\mydir with the same domain credentials as the original. XMove -d mydir -f c:\mydir.bkp -- displays a directory listing of the files and directories in the mydir directory of the mydir.bkp file. XMove -u -f c:\mydir.bkp -- displays the users in \ format that occur in the file descriptions. XMove -r d:\newdir -f c:\mydir.bkp -m c:\users.map -- restores the mydir directory creating d:\newdir\mydir with the new credentials specified in the map file. Map file format: <originallogin> <newlogin1>, <newlogin2>, ... <originallogin> The first maps the original user to multiple target users. The second removes a user from the list of credentials for the target file. Note: Some mapping will result in conflicting permissions for a file or directory. The -t option is supplied to ensure this possibility does not occur.
The map file can further constrain how to map users based on the context they appear in. You can constrain the original login matching algorithm by prefixing the entry by one of "O" (owner) , "G" (group), "D" (DACL), and "S" (SACL). If none of these entries appear then the mapping will be assumed to apply to all instances found. Only one of the above can be added to a line (you can't have OD for example).
A sample map file (that i've used when flattening my domain going from win2k to win2k3):
O"BUILTIN\Administrators" "PIVOTAL\Administrator" "BUILTIN\Administrators" "PIVOTAL\Administrator", "PIVOTAL\Domain Admins" "S-1-5-21-507921405-1682526488-1343024091-513" "PIVOTAL\Domain Admins" "Everyone" "PIVOTAL\Users GoldenEmpires.com" "ONEODDSOCK\GoldenEmpires Users" "PIVOTAL\Users GoldenEmpires.com" "ONEODDSOCK\IWAM_RESOLUTION" "email@example.com" "ONEODDSOCK\blue" "PIVOTAL\Administrator" "ONEODDSOCK\Domain Users" "PIVOTAL\Domain Admins" "ONEODDSOCK\wendy" "PIVOTAL\Administrator" G"NT AUTHORITY\SYSTEM" "PIVOTAL\Domain Admins" "NT AUTHORITY\SYSTEM" "NT AUTHORITY\SYSTEM" "BUILTIN\Users" "PIVOTAL\Users GoldenEmpires.com" "ONEODDSOCK\VS Developers" O"ONEODDSOCK\IUSR_RESOLUTION" "PIVOTAL\Administrator" "ONEODDSOCK\IUSR_RESOLUTION" "firstname.lastname@example.org" O"ONEODDSOCK\jason" "PIVOTAL\Administrator" "ONEODDSOCK\jason" "PIVOTAL\jason" "ONEODDSOCK\matt" "PIVOTAL\Administrator" "ONEODDSOCK\scrose" "PIVOTAL\Administrator" "ONEODDSOCK\kael" "PIVOTAL\Administrator"
Quotes are important.