NewSID and Server 2008 R2 - fixing BSOD

Published on
4,195 Points
Last Modified:
NorthernTel & Telebec Managed Services
We are a Managed I.T. Service provider within the Bell Canada family.
For anyone that has accidentally used newSID with Server 2008 R2 (like I did) and hasn't been able to get the server running again because you were unlucky (as I was) and had no backups - I was able to get things working by doing a Registry Hive recovery.

In my case, the system was a Virtual Machine.  That shouldn't matter except for having to use physical media or potentially just mounting an ISO through the hypervisor.

For example, in Hyper-V 2016, right clicking the VM (guest) and settings then locating your DVD drive on the left menu will display something like this:


Or ESXi 6.5:

XenServer 6.2:

The exact appearance will differ depending your your version of Hyper-V, VMWare, or XenServer, or whatever other Hypervisor you may be using.

In my case, I was using XenServer and booted the Server 2008 R2 installation disc using a mounted ISO.

Once you get the install screen, choose your language settings, then click Next.

Click the Repair your computer link at the bottom left side.

Now, pick "Use recovery tools..."

**Take note of the Location your OS is listed as.  You'll need this later.

Finally, select Command Prompt.

My OS volume got the letter D: (instead of C:).  Just pay attention to what letter you get and change accordingly.

Then I navigated to D:\Windows\System32\config\ using the change directory command:

First, change drive letter to the OS volume you noted in the "Use recovery tools" step above by just typing the drive letter and colon (:)


Then using the change directory command, navigate to the config folder:

cd D:\Windows\System32\config

You can list the contents by typing the list directory command: dir

From there I renamed these 5 files:

  • SAM

to *.old (where * is the original file name):

  • DEFAULT.old
  • SAM.old
  • SECURITY.old
  • SOFTWARE.old
  • SYSTEM.old

using the rename command:

example: ren DEFAULT DEFAULT.old

Check your work with another dir command.  I highlighted the 5 files that got renamed in the image below:

Finally, I copied the registry-hives from the D:\Windows\System32\config\RegBack\ folder to the D:\Windows\System32\config\ folder using the Copy command:

copy D:\Windows\System32\config\RegBack D:\Windows\System32\config

Once that was accomplished, rebooted the system (normally).  Eureka, no more BSOD.

To reboot, just exit the command prompt (type exit) and then click the reboot button at the System Recovery Options screen.

After logging into Windows, I got a message that the contents of the recycle bin were corrupt, but after clicking ok to empty it, all was good.

I did run into a few other things that stopped working, but was able to easily fix them (Tasks in task scheduler were corrupt - re-created them as well as a few applications (specific to this server) that were supposed to startup with the OS that weren't, such as Filezilla FTP server).  The specifics on what applications may need to be re-installed or fixed will depend your your particular environment.

Of course, the duplicate SID from the cloning was back, but using the proper tool "sysprep" fixed it, which is simply this:

Start>Run and type sysprep

This opens the location the application is stored in (C:\Windows\System32\sysprep)

Run the tool and set to the following:

Keep in mind that once complete, you'll need to re-activate windows.


Featured Post

Making Bulk Changes to Active Directory

Watch this video to see how easy it is to make mass changes to Active Directory from an external text file without using complicated scripts.

Join & Write a Comment

This tutorial will show how to push an installation of Backup Exec to an additional server in both 2012 and 2014 versions of the software. Click on the Backup Exec button in the upper left corner. From here, select Installation and Licensing, then I…
This tutorial will walk an individual through the steps necessary to configure their installation of BackupExec 2012 to use network shared disk space. Verify that the path to the shared storage is valid and that data can be written to that location:…

Keep in touch with Experts Exchange

Tech news and trends delivered to your inbox every month