Solved

Change of SID using "GHSTWALKER.EXE" results in loss of access to all previously saved profiles

Posted on 2006-06-23
13
946 Views
Last Modified: 2012-06-22
This is a serious problem which needs solving as soon as possible.  I really need help.

I have used "ghstwalker" many times to change SID numbers on my Win2000 PCs without any problems, by booting from a dos floppy.

Now we have 10 new Fujitsu Siemens laptops with XP pro, no floppy disk.

I have installed a Volume licence XP pro again, joined the domain, created both local and domain profiles, then taken the laptop out of the domain back to a Workgroup, taken an image and rolled it out to the other 9 laptops.  I then change the names on the laptops.  Everything works well.  The 3 local profiles work well.

Then I change the SID number by using ULTIMATE BOOT CD 3.4 to run GHSTWALK.EXE over the network from a network share on my workstation. Remember I have no floppy disk station.  GHSTWALK.exe runs exactly as it should.  

But when I reboot and try to run one of the 3 local profiles: Administrator, Home, or Child, the following completely new profiles are created:
Administrator.laptopname
Home.laptopname
Child.laptopname

The original 3 local profile folders under Documents and Settings are still there but cannot be run:

Administrator
Home
Child

Under the USER ACCOUNTS applet in the Control Panel, all 3 local accounts are present.

However under the USER PROFILE applet (right click My computer, Properties, Advanced, User Profiles) both the HOME and CHILD profiles have vanished and there are 2 identical administrator profiles.

Clearly this is a SID issue.

To make things even more confusing, 2 laptops rebooted successfully after the SID change and I had full access to my profiles, no duplicates were created, I rejoined the domain.  They are now finished and ready for use.

WHY DO THE OTHERS NOT WORK?

IMPORTANT POINT: The first time I changed the SID on the 1st clone, I had exactly the same problem, so I rolled out the same image again to the laptop. It would not even boot up, so I sent the same image again a 3rd time, changed the SID and everything worked fine.  This is one of my 2 working laptops.

I am using BARTS PE cd to create and roll out images using Ghost32.exe.  The conventional Symantec Ghost boot CDs have never worked on these laptops, hence BARTS PE cd.

Help please!
0
Comment
Question by:Alistair7
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 7
  • 6
13 Comments
 
LVL 38

Expert Comment

by:younghv
ID: 16967412
Hi Alistair,
Unless you are in an NT Domain, you do not need to change the SID from a Ghost image.
The act of adding the box to the domain will do that for you.

Just load your image and add the box to the Domain - the SID will be created at that time.

Good Luck,
Vic
0
 

Author Comment

by:Alistair7
ID: 16967665
It's a Windows 2003 active directory domain.
0
 

Author Comment

by:Alistair7
ID: 16967801
Any comments Vic?
0
[Live Webinar] The Cloud Skills Gap

As Cloud technologies come of age, business leaders grapple with the impact it has on their team's skills and the gap associated with the use of a cloud platform.

Join experts from 451 Research and Concerto Cloud Services on July 27th where we will examine fact and fiction.

 
LVL 38

Expert Comment

by:younghv
ID: 16967827
Sorry for the delay - I left home and drove over to the base.

AD has removed a lot of the old SID problems that existed with NT.
If you skip the whole SID process you're doing and just add the boxes to your AD Domain, I think you will see that your boxes are up, running, and authenticating with your DC's.

Try it on a couple of boxes and let me know.

I'll check back in later.
Vic
0
 

Author Comment

by:Alistair7
ID: 16968179
Thanks for your comments Vic. Although I must admit I'm feeling somewhat speechless at the moment.  I've only being doing this IT work now for 5 years so I'm not very experienced.  But everything I have heard and read til now has told me that I must change the SID numbers before joining a 2003 active directory domain by using either GHOST WALKER or SYSPREP.

I suppose it wouldn't hurt to try.  I can't forsee any negative consequences.  But I would rather like to have confirmation of this from another source as well if possible.

????
0
 
LVL 38

Expert Comment

by:younghv
ID: 16968241
Understood.
We didn't stand up our first AD Domain until about 3 years ago.
All of us 'Old-Timers' had a real hard time with many of the changes.
I will try to find you a specific reference regarding SID and AD.
The neat thing is that XP and AD tend to be a whole bunch smarter than the old systems - and that is a GOOD thing.
Back later.
Vic
0
 

Author Comment

by:Alistair7
ID: 16968339
Thanks a lot.  I'm holding my breath!!
0
 
LVL 38

Accepted Solution

by:
younghv earned 500 total points
ID: 16968400
Alistair,

One of my favorite web-sites: http://www.sysinternals.com/Utilities/NewSid.html

"Duplicate SIDs aren't an issue in a Domain-based environment since domain accounts have SID's based on the Domain SID."

If you do want to force a change in SID - their "newSID" program sure has the right price (free).

Good Luck,
Vic

0
 

Author Comment

by:Alistair7
ID: 16968450
This looks REALLY interesting.  Very promising!!  I'm reading reading ........
0
 

Author Comment

by:Alistair7
ID: 16969270
It worked!!  I used "newsid" instead and it worked.

Thanks a heap.  You've really saved my bacon.  The summer holidays start today and I can now send the teachers home with their laptops finished.

What a relief.

Many thanks

Al
0
 
LVL 38

Expert Comment

by:younghv
ID: 16969369
Al,
A pleasure to help out one of my British 'cousins'.
"Anywhere, anytime".
Thank you for the points.

Semper Fidelis,
Vic
0
 

Author Comment

by:Alistair7
ID: 16969885
British!!!   What an insult.  I'm Australian living in Norway.

Just joking.  I lived in Britain for 8 years and have many friends there.
0
 
LVL 38

Expert Comment

by:younghv
ID: 16969937
OOPS! (sorry),
It was the spelling of "licence" that tricked me.

For military folks, the Aussies are our "Brothers" - not 'cousins'.
Vic
0

Featured Post

Salesforce Made Easy to Use

On-screen guidance at the moment of need enables you & your employees to focus on the core, you can now boost your adoption rates swiftly and simply with one easy tool.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Disclosure: Use this tutorial only when no other options helps to get Windows XP running without any problems and you don't want to format the drive. The back up of the data is the responsible of the user, however there is a description of how t…
We have adopted the strategy to use Computers in Student Labs as the bulletin boards. The same target can be achieved by using a Login Notice feature in Group policy but it’s not as attractive as graphical wallpapers with message which grabs the att…
Two types of users will appreciate AOMEI Backupper Pro: 1 - Those with PCIe drives (and haven't found cloning software that works on them). 2 - Those who want a fast clone of their boot drive (no re-boots needed) and it can clone your drive wh…
Michael from AdRem Software outlines event notifications and Automatic Corrective Actions in network monitoring. Automatic Corrective Actions are scripts, which can automatically run upon discovery of a certain undesirable condition in your network.…

636 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question