Welcome to the migRaven online manual!

migRaven is the file server tool for the easy migration of complex file server structures in case of timely structuring of the necessary Microsoft-conformal NTFS-authorizations.


In the navigation menu on the left side, please find all instructions as well as technical information regarding migRaven.

For example click on installation, in order to display all necessary steps (for free trial version and purchase version) By clicking the [+] next to the Help category, you can unfold an overview of the individual contributions.

Do you have any questions or did you encounter any difficulties?

Send an email to:

Or call us at:
+49 (30) 8095010-40


Your aikux.com Team

Steps to go with migRaven




read AD group configuration Scan Resources Novell migration Import table project types View Design & Work migration View Deploy Groups Deploy ACL Deploy Data

Updating migRaven

migRaven Version 3.2 for Windows

migRaven Version 3.2.1019 and Database Version

The database version  belongs to migRaven version 3.2.1019. This runs with Java 8, 64bit-Version.

System Requirements

With reference to the hardware 8 GB RAM and minimum 2 core is needed.
The pre-requisite for version 3.2 is Java 8, 64 bit, and a 64bit- (Windows-) operating system.
Further a .NET framework version 4.52 is required.

Database Service

The database version belongs to migRaven 3.2.1019. The service is called “migRavenDB” and displayed as “migRaven Graph Database”.


Installation Instructions

uninstall existing components

For the installation of one of the two migRaven versions, we recommend the complete uninstallation of any existing version. All operating steps are to be carried out with administrative rights.

  1. Close the database service “migRaven Database” (“migRavenDB”)  in the service administration.
  2. Then in the system control the program “migRaven” is removed, likewise the database “migRavenDB”.
  3. The content of the database with its AD- and project–data will not be removed during the database -uninstallation. Therefore, you have to delete it manually. This data is located in c:\Program\Files\migRavenDB\DB\data\. Because of structural changes, the content from an older database cannot be used any more.

Installation of the new Components

  1. Now the new components can be installed in any order. The database is registered and started in the installation as service “migRavenDB”.
  2. After that you can start migRaven as administrator.



Version Check

In the system administration you can check, whether the correct versions are installed.



Version check for Java, migRaven and database


Check the Database

  1. In the service administration the service “migRavenDB” must be running.
  2. In a web browser you reach the database with “http://localhost:7474/”. The database web interface will appear with several options, e.g. showing the database version.

Neo4-DB 2.2.2.

migRaven database


Instructions: migrating from Novell to Microsoft

1. Read trustee information from the Novell server 

1.1. Source: Novell Netware

Output Permissions with the Trustee.nlm command

Novell Netware does not have any trustee-database.xml. The trustees however can be read with the console command trustee.nlm.
An example for the syntax is:

TRUSTEE /ET /D SAVE VOL1: sys:\trustee-vol1.csv

/ET for permissions, without ownership
/D for directories, without files
VOL1: permissions and directories from this volume
sys:\trustee-vol1.csv is the output file

If the output file contains unwanted information other than the trustees, you can generate a file reduced to TRUSTEEs with:
FIND “TRUSTEE” trustee.csv > only_trustee.csv

Conversion from ASCII in ANSI

Result of the trustee.nlm is a CSV-file. It is created in ASCII-format. Entries like umlauts or special symbols can represent a problem. The file must be converted into an ANSI-format.

This is possible, for example, in the following way with Excel:

  1. Open Excel
  2. Select the tab “Data”
  3. In the column “access external data”, select “from text” and import the output CSV-file
  4. With the parameters:
    • File type: separated
    • File origin: MS-DOS (PC-8)  !!!
    • Separation symbol: comma
    • press finish

Now, all umlauts and special symbols are correctly represented in this file.

Editing the Data

The output file contains five columns, which must be slightly edited for migRaven.

1. column: Only the lines with “TRUSTEE” are required. All other lines can be removed.
Finally the 1st column is emptied, must however remain for the “depth”.

2. – Path: The volume before the directory is removed. However, the directory remains. For example with the Excel command =SUBSTITUTE (B1;”VOL1:”;””;1).

3. – LONG: This column must be removed.

4. – trustee: A dot is placed at the beginning of all entries in this column, like .Meier.EDV.KMF. for example, with the Excel command = CONCATENATE(“.”;D1).

5. – permissions: The column contains the Novell permissions. These must be converted into NTFS permissions corresponding to the table 2 (see paragraph 3). The column with the NTFS permissions must then be moved in front of the trustee column.

The table structure for migRaven must correspond to the table 3 (see paragraph 1.3.):

NetWare trustees

Fig 1: conversion of the table created with trustee.nlm in the format necessary for migRaven

1.2. Source: Novell Open Enterprise Server

Export the explicit authorizations via the Trustees from the Novell System 

The Trustee-Information from the Trustee_database.XML files is the basis for migrating from Novell to Microsoft via migRaven. In these files, the directory information and the authorizations are included.

For the next steps in migRaven, the XML-files must be provided from the Novell Volume to be converted.

Read the rest of this entry »

Instructions: How do migRaven and 8MAN work together?

       Version 2:  starting from migRaven Version  2.1.1042.2 and 8MAN Version 5.6.147 ,    As on: 20.11.2014

migRaven  8MAN Relation

            Image 1: Overview

Read the rest of this entry »

migRaven Release Notes

migRaven Version 5.0.1003

mit Database-Version

Release Date 05/17/2016


Prior to installing this new version of migRaven, any previous versions, currently installed, will need to be completely removed. To begin with, stop the “migRaven Database” service.
Then “migRaven” and “migRavenDB” can be uninstalled using ‘Programs and Features’ from the Control Panel in Windows. Finally, the contents of the following directory need to be deleted: “c:\Program Files\migRavenDB\DB\data”. It contains data from the old version of migRaven, which is no longer compatable with this release.

After these steps have been completed, the new version and database can be installed (in any order).






The biggest change in this release of migRaven is the “GPO” project (Group Policy Object), which migrates Share permissions assisted by Group Policies. This makes it possible to process enormous amounts of data in under an hour. The new permissions are saved to the original Share and the old permissions are deleted. This is in contrast to the “Redesign-Project”, which requires the creation of a new, empty Share. Therefore, the need to copy data is eliminated.

Go to “Group Policy Project

Known Issues

‘Drag & Drop’ – View
After changing directories in the ‘Drag & Drop’ view, group members are not immediately updated in the corresponding view. Clicking on another line in the same window, and then returning to the group, alleviates the problem.

‘Drag & Drop’
Acquired subdirectories are not immediately updated. Clicking on “Design & Work” in the upper workflow bar refreshes the display and updates the acquired directories.

Deploy Data
Umlauts (i.e. ü, ö, ä) in the path name may prevent the batch from building. The number of log files created must match the number of robocopy command lines in the cmd file. The batch builds successfully by redirecting it to a log file (for example, 2016_02_26_09_12_33.cmd > log.txt).

Memory used for displaying a large number of group members is not released. For example, 50,000 members of the ‘Users’ group exceeds 2 GB. Subsequent processing runs more slowly until “not responding” is displayed when the memory is full. Terminating migRaven and restarting is required.

‘Drag & Drop’, Ressource Scan

Some Share-subdirectories may be deleted under the following conditions:

  • when one or more subdirectories are are selected from the source directory and..
  • when the Table-Mode is used and..
  • when a Share subdirectory is taken from the initial state in Drage&Drop-Mode (triggers the error)

This triggers the deletion of some Share-subdirectories that didn’t exist in the initial state, but were subsequently added. (Share-subdirectories that were added using Table-Mode or Drag&Drop-Mode and various target directories under the Share)

Updated System Requirements 

  • 64bit-Windows OS (Windows 7, Windows 8, Server 2008 or newer)
  • 8 GB Memory, preferably more…
  • at least 2 Cores i5 or i7, HDD 20 GB
  • Java 8, 64bit
  • .NET Framework Version 4.52

Read the rest of this entry »

Project typ “Novell Migration”

Case Instructions Novell Migration

You can find our complete Novell migration instructions here: Instructions – from Novell to Microsoft

View – visual interface

The view is the visual representation of the authorization structure, once the read (initial state) and after the “Design & Work” the planned authorization structure (new state).

Initial state – the read authorization structure

The “View initial state” is the only component of the project type “Migration per Scan”. It shows the authorization structure of a read Windows-Share.

After reading the output directory, migRaven lands in the View – initial state.
You can move on the left side by the directory structure. On the right hand side you see the authorized groups and accounts and their rights for a directory selected on the left hand side. Below that you can display the members of the groups, the accounts, you may change or all members entitled to this directory.

Initial state

The next work step is  “Design & Work”.

After the “Design & Work”, we automatically land again in the View, this time with the visual representation of the planned authorization structure.

New state – the planned authorization structure

The view New state displays the planned authorization structure. A major difference in the current status is that in case of target status, sub-directories without explicit authorizations, under which no authorization end point exists, are not displayed. Furthermore you will normally miss the authorizations of groups “User”, “Administrators” and “Owner” coming from above. You must think that the target status is a simulation. If this is written into the target path, then the available permissions are acquired from above and is evident in the sub-directories.

New state

The next work step is “Deploy Groups”.

Display initial and new state

There are two buttons on the top left-hand side: “Initial state” and “New state”
These function like enable and disable, with which we can enable and/or remove the respective status at will. Thus both the status can be enabled and you can compare the authorizations in the output- and planned structure.

Initial and new state

Project statistic

A further component of the view is the Project statistic.


Table mode

1. Mapping Permissions

The first step in the table mode is the mapping of permissions.

Only then can you fill your table to set permissions.

2. Filling Table

The data is inserted here depending on the type of project. In case of “Scan Your resources“, the data is taken over from the initial state with the help of the button “Start filling”. The excel tables can be read in the “Import or create a table” and “Novell-migration“.

Further in all the types of projects it is possible to manually insert rows and change values. Here you must pay attention to the syntax of the field content and the column headers.

Head row

2.1  Options

Prior to the transfer of the data, there are several options which can influence the data transfer.

Transfer of Directories

With the default settings, directories and permissions down to three levels under the Share are imported. If there are permissions even below that, which you wish to transfer, you can set this value up to 10 levels.

Exclude Accounts

This function acts as a filter. The users and groups entered here are not transferred. It is possible that you wish to remove here the groups or users from the grown structures, or remove them under permitted administrators to permit them once on the Share. After entering the first characters, the objects matched from the AD are listed out. You can select the objects with the tab or press enter and continue the search. The number of entries is not limited.


Include directories that only contain inherited permissions

In this function not only are the directories transferred, which are explicitly permitted, but also those with inherited permissions. In case of continuation of the program they are explicitly transferred from these inherited permissions. This is not so useful, rather it saves time for taking path name without tedious typing but then you have to delete a lot. This must be observed, otherwise, numerous excessive ACL entries are generated.

Start Filling

With this, you can transfer the scanned initial structure to the present table after considering the adjusted options.

For Validation

If data is not transferred from the initial structure by filling, instead through manual entries, then you come to the next step with “To the validation”.

2.2. Editing the Table


Editing the Table

Read the rest of this entry »

permission mapping

After scanning your shares the permission mapping table is displayed, if in the scanned share permissions were found, which deviate from the standard permissions. These permissions can be converted into standard permissions through the mapping table.

The standard permissions for migRaven are:

Permission            type          Propagation (applicates to)

Read and Execute      Allow         this folder, sub folder, files
Write                 Allow         this folder, sub folder, files
Modify                Allow         this folder, sub folder, files
Modify Plus*          Allow         this folder, sub folder, files   (more about ModifyPlus)
Full Control          Allow         this folder, sub folder, files

Deviating Permissions

In the mapping table the permissions deviating from the standard permissions, which were found in the complete share, are displayed.

Deviating permissions are marked by

  • a deviating composition of the extended permissions
  • another type, thus “Deny”
  • another propagation

Additional parameters, like synchronize and “permit only for objects and/or container to be taken over in this container” are not considered here.

Permission mapping_2

Permission Mapping

In the mapping table the deviating permissions are displayed and you have the possibility to substitute each of these deviating permissions with a standard permission of migRaven. You can also ignore permissions, so they are not transferred.
However, if we recommend to you to modify a certain right, suitable standard- permissions are displayed by migRaven.

The columns of the mapping-table:

  1. Permission
    Here is the name of the permissions based as per Microsoft is displayed, if such a permission is not there, for the components of the extended permission.
  2. ID
    For each of these rights there is an ID, with which, during the programming, every right is clearly marked. In the web you find this under FileSystemRights.
     Some IDs are:
     1048854   WRITE with Synchronize
     1179785   READ with Synchronize
     1179817   READ AND EXECUTE with Synchronize
     1180063   READ AND WRITE with Synchronize
     1180095   READ AND EXECUTE, Write with Synchronize
     1180159   ModifyPlus*
     1245631   MODIFY with Synchronize
     131209    READ
     131241    READ AND EXECUTE
     131487    READ AND WRITE
     131519    Read And Execute, Write
     197055    MODIFY
     2032127   FullControl 
     278       WRITE
     (With Synchronize, the wait-function on the file – handle for the asynchronous read and write is controlled.)
  1. Type
    The types Allow and Deny.
  2. Propagation
    The propagation is the application on this folder, sub folder and files and the summarized –variants of these three targets.
  3. Permission Mapping
    Here you must replace the existing permission by a standard permission. In individual cases, migRaven gives a recommendation. With “Ignore” you can ignore the permission. It is then ignored all over the places where it appears. The following entries are available for selection:
     Read and Execute
     Modify Plus*
     Full Control
  1. Hint
    Here we provide you a recommendation for the modification of this permission.

Saving the permission mapping table
If you have substituted all permissions by the desired standard permission, if necessary even by “Ignore”, then you can save the table. In the next project your substitutions are displayed in the column “Permission Mapping”. Only while deleting your database these settings are lost.

After saving, migRaven jumps over to the Table Mode.


*Modify Plus corresponds to the modify-permission, in which the extended permission “delete” is substituted by “delete sub folders and files”. Thereby the authorized user or the authorized group of this folder, on which he has explicitly received the permission, is not deleted, not shifted and not renamed.

Group configuration

In the Group Configuration you can define as to how one should go about with the newly created groups.

The group configuration must be done before the starting a project, as in the course of the project the permission group are created corresponding to this configuration.


Read the rest of this entry »

Seite 1 von 612345...Letzte »