In my case, the system was a Virtual Machine. That shouldn't matter except for having to use physical media or potentially just mounting an ISO through the hypervisor.
For example, in Hyper-V 2016, right-clicking the VM (guest), choosing Settings, and then locating your DVD drive in the left menu will display something like this:
Or ESXi 6.5:
The exact appearance will differ depending on your version of Hyper-V, VMware, XenServer, or whatever other hypervisor you may be using.
In my case, I was using XenServer and booted the Server 2008 R2 installation disc using a mounted ISO.
Once you get the install screen, choose your language settings, then click Next.
Click the Repair your computer link at the bottom left side.
Now, pick "Use recovery tools..."
Finally, select Command Prompt.
My OS volume got the letter D: (instead of C:). Just pay attention to what letter you get and change accordingly.
Then I navigated to D:\Windows\System32\config\ using the change directory command:
First, change drive letter to the OS volume you noted in the "Use recovery tools" step above by just typing the drive letter and colon (:)
Then using the change directory command, navigate to the config folder:
You can list the contents by typing the list directory command: dir
From there I renamed these 5 files:
to *.old (where * is the original file name):
using the rename command:
example: ren DEFAULT DEFAULT.old
Check your work with another dir command. I highlighted the 5 files that got renamed in the image below:
Finally, I copied the registry hives from the D:\Windows\System32\config\RegBack\ folder to the D:\Windows\System32\config\ folder using the copy command:
copy D:\Windows\System32\config\RegBack D:\Windows\System32\config
Once that was accomplished, I rebooted the system (normally). Eureka, no more BSOD.
To reboot, just exit the command prompt (type exit) and then click the reboot button at the System Recovery Options screen.
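The rename-and-copy steps above can also be run as one batch script that checks the backups before touching anything and undoes its changes if a step fails. This is an added example, not part of the original post; the script name is hypothetical, the OS volume letter is passed as the first argument, and the five hive names are assumed to be the standard Windows ones.

```bat
@echo off
rem Added example, not from the original post. Run from the recovery Command Prompt.
rem Usage: restore-hives.cmd D:   (script name is hypothetical; D: = your OS volume)
rem Assumption: the five hives are the standard DEFAULT, SAM, SECURITY, SOFTWARE, SYSTEM.
setlocal
if "%~1"=="" (echo Usage: %~nx0 D: & exit /b 1)
set "CFG=%~1\Windows\System32\config"
set "BAK=%CFG%\RegBack"
set "HIVES=DEFAULT SAM SECURITY SOFTWARE SYSTEM"

rem 1. Change nothing unless every backup hive exists, is not empty,
rem    and no NAME.old from an earlier attempt would be overwritten.
for %%H in (%HIVES%) do (
    if not exist "%BAK%\%%H" (echo Missing backup: %BAK%\%%H & exit /b 2)
    for %%F in ("%BAK%\%%H") do if %%~zF EQU 0 (echo Empty backup: %%~fF & exit /b 2)
    if exist "%CFG%\%%H.old" (echo %%H.old already exists, stopping & exit /b 3)
)

rem 2. Keep each current hive as NAME.old, then copy its backup into place.
for %%H in (%HIVES%) do (
    if exist "%CFG%\%%H" (ren "%CFG%\%%H" "%%H.old" || goto :rollback)
    copy /v /y "%BAK%\%%H" "%CFG%\%%H" >nul || goto :rollback
)
echo Restored from RegBack: %HIVES%
echo Previous hives kept as NAME.old in %CFG%
exit /b 0

:rollback
rem 3. On any failure, delete what was copied and restore the renamed hives.
echo A rename or copy failed, rolling back.
for %%H in (%HIVES%) do if exist "%CFG%\%%H.old" (
    if exist "%CFG%\%%H" del "%CFG%\%%H"
    ren "%CFG%\%%H.old" "%%H"
)
exit /b 4
```

The RegBack copies hold the registry as it was at the last automatic backup, so settings changed after that point will be missing once the system boots.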
After logging into Windows, I got a message that the contents of the recycle bin were corrupt, but after clicking ok to empty it, all was good.
I did run into a few other things that stopped working, but was able to easily fix them (tasks in Task Scheduler were corrupt, so I re-created them, as well as a few applications (specific to this server) that were supposed to start up with the OS but didn't, such as FileZilla FTP server). The specifics on what applications may need to be re-installed or fixed will depend on your particular environment.
Of course, the duplicate SID from the cloning was back, but using the proper tool "sysprep" fixed it, which is simply this:
Start>Run and type sysprep
This opens the location the application is stored in (C:\Windows\System32\sysprep)
Run the tool and set to the following:
Keep in mind that once complete, you'll need to re-activate Windows.