Change of SID using "GHSTWALKER.EXE" results in loss of access to all previously saved profiles

This is a serious problem which needs solving as soon as possible.  I really need help.

I have used "ghstwalker" many times to change SID numbers on my Win2000 PCs without any problems, by booting from a dos floppy.

Now we have 10 new Fujitsu Siemens laptops with XP pro, no floppy disk.

I have installed a Volume licence XP pro again, joined the domain, created both local and domain profiles, then taken the laptop out of the domain back to a Workgroup, taken an image and rolled it out to the other 9 laptops.  I then change the names on the laptops.  Everything works well.  The 3 local profiles work well.

Then I change the SID number by using ULTIMATE BOOT CD 3.4 to run GHSTWALK.EXE over the network from a network share on my workstation. Remember I have no floppy disk station.  GHSTWALK.exe runs exactly as it should.  

But when I reboot and try to run one of the 3 local profiles: Administrator, Home, or Child, the following completely new profiles are created:
Administrator.laptopname
Home.laptopname
Child.laptopname

The original 3 local profile folders under Documents and Settings are still there but cannot be run:

Administrator
Home
Child

Under the USER ACCOUNTS applet in the Control Panel, all 3 local accounts are present.

However under the USER PROFILE applet (right click My computer, Properties, Advanced, User Profiles) both the HOME and CHILD profiles have vanished and there are 2 identical administrator profiles.

Clearly this is a SID issue.

To make things even more confusing, 2 laptops rebooted successfully after the SID change and I had full access to my profiles, no duplicates were created, I rejoined the domain.  They are now finished and ready for use.

WHY DO THE OTHERS NOT WORK?

IMPORTANT POINT: The first time I changed the SID on the 1st clone, I had exactly the same problem, so I rolled out the same image again to the laptop. It would not even boot up, so I sent the same image again a 3rd time, changed the SID and everything worked fine.  This is one of my 2 working laptops.

I am using BARTS PE cd to create and roll out images using Ghost32.exe.  The conventional Symantec Ghost boot CDs have never worked on these laptops, hence BARTS PE cd.

Help please!
Alistair7Asked:
Who is Participating?

[Webinar] Streamline your web hosting managementRegister Today

x
 
younghvConnect With a Mentor Commented:
Alistair,

One of my favorite web-sites: http://www.sysinternals.com/Utilities/NewSid.html

"Duplicate SIDs aren't an issue in a Domain-based environment since domain accounts have SID's based on the Domain SID."

If you do want to force a change in SID - their "newSID" program sure has the right price (free).

Good Luck,
Vic

0
 
younghvCommented:
Hi Alistair,
Unless you are in an NT Domain, you do not need to change the SID from a Ghost image.
The act of adding the box to the domain will do that for you.

Just load your image and add the box to the Domain - the SID will be created at that time.

Good Luck,
Vic
0
 
Alistair7Author Commented:
It's a Windows 2003 active directory domain.
0
Get your problem seen by more experts

Be seen. Boost your question’s priority for more expert views and faster solutions

 
Alistair7Author Commented:
Any comments Vic?
0
 
younghvCommented:
Sorry for the delay - I left home and drove over to the base.

AD has removed a lot of the old SID problems that existed with NT.
If you skip the whole SID process you're doing and just add the boxes to your AD Domain, I think you will see that your boxes are up, running, and authenticating with your DC's.

Try it on a couple of boxes and let me know.

I'll check back in later.
Vic
0
 
Alistair7Author Commented:
Thanks for your comments Vic. Although I must admit I'm feeling somewhat speechless at the moment.  I've only being doing this IT work now for 5 years so I'm not very experienced.  But everything I have heard and read til now has told me that I must change the SID numbers before joining a 2003 active directory domain by using either GHOST WALKER or SYSPREP.

I suppose it wouldn't hurt to try.  I can't forsee any negative consequences.  But I would rather like to have confirmation of this from another source as well if possible.

????
0
 
younghvCommented:
Understood.
We didn't stand up our first AD Domain until about 3 years ago.
All of us 'Old-Timers' had a real hard time with many of the changes.
I will try to find you a specific reference regarding SID and AD.
The neat thing is that XP and AD tend to be a whole bunch smarter than the old systems - and that is a GOOD thing.
Back later.
Vic
0
 
Alistair7Author Commented:
Thanks a lot.  I'm holding my breath!!
0
 
Alistair7Author Commented:
This looks REALLY interesting.  Very promising!!  I'm reading reading ........
0
 
Alistair7Author Commented:
It worked!!  I used "newsid" instead and it worked.

Thanks a heap.  You've really saved my bacon.  The summer holidays start today and I can now send the teachers home with their laptops finished.

What a relief.

Many thanks

Al
0
 
younghvCommented:
Al,
A pleasure to help out one of my British 'cousins'.
"Anywhere, anytime".
Thank you for the points.

Semper Fidelis,
Vic
0
 
Alistair7Author Commented:
British!!!   What an insult.  I'm Australian living in Norway.

Just joking.  I lived in Britain for 8 years and have many friends there.
0
 
younghvCommented:
OOPS! (sorry),
It was the spelling of "licence" that tricked me.

For military folks, the Aussies are our "Brothers" - not 'cousins'.
Vic
0
All Courses

From novice to tech pro — start learning today.