• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 953
  • Last Modified:

Change of SID using "GHSTWALKER.EXE" results in loss of access to all previously saved profiles

This is a serious problem which needs solving as soon as possible.  I really need help.

I have used "ghstwalker" many times to change SID numbers on my Win2000 PCs without any problems, by booting from a dos floppy.

Now we have 10 new Fujitsu Siemens laptops with XP pro, no floppy disk.

I have installed a Volume licence XP pro again, joined the domain, created both local and domain profiles, then taken the laptop out of the domain back to a Workgroup, taken an image and rolled it out to the other 9 laptops.  I then change the names on the laptops.  Everything works well.  The 3 local profiles work well.

Then I change the SID number by using ULTIMATE BOOT CD 3.4 to run GHSTWALK.EXE over the network from a network share on my workstation. Remember I have no floppy disk station.  GHSTWALK.exe runs exactly as it should.  

But when I reboot and try to run one of the 3 local profiles: Administrator, Home, or Child, the following completely new profiles are created:
Administrator.laptopname
Home.laptopname
Child.laptopname

The original 3 local profile folders under Documents and Settings are still there but cannot be run:

Administrator
Home
Child

Under the USER ACCOUNTS applet in the Control Panel, all 3 local accounts are present.

However under the USER PROFILE applet (right click My computer, Properties, Advanced, User Profiles) both the HOME and CHILD profiles have vanished and there are 2 identical administrator profiles.

Clearly this is a SID issue.

To make things even more confusing, 2 laptops rebooted successfully after the SID change and I had full access to my profiles, no duplicates were created, I rejoined the domain.  They are now finished and ready for use.

WHY DO THE OTHERS NOT WORK?

IMPORTANT POINT: The first time I changed the SID on the 1st clone, I had exactly the same problem, so I rolled out the same image again to the laptop. It would not even boot up, so I sent the same image again a 3rd time, changed the SID and everything worked fine.  This is one of my 2 working laptops.

I am using BARTS PE cd to create and roll out images using Ghost32.exe.  The conventional Symantec Ghost boot CDs have never worked on these laptops, hence BARTS PE cd.

Help please!
0
Alistair7
Asked:
Alistair7
  • 7
  • 6
1 Solution
 
younghvCommented:
Hi Alistair,
Unless you are in an NT Domain, you do not need to change the SID from a Ghost image.
The act of adding the box to the domain will do that for you.

Just load your image and add the box to the Domain - the SID will be created at that time.

Good Luck,
Vic
0
 
Alistair7Author Commented:
It's a Windows 2003 active directory domain.
0
 
Alistair7Author Commented:
Any comments Vic?
0
Upgrade your Question Security!

Your question, your audience. Choose who sees your identity—and your question—with question security.

 
younghvCommented:
Sorry for the delay - I left home and drove over to the base.

AD has removed a lot of the old SID problems that existed with NT.
If you skip the whole SID process you're doing and just add the boxes to your AD Domain, I think you will see that your boxes are up, running, and authenticating with your DC's.

Try it on a couple of boxes and let me know.

I'll check back in later.
Vic
0
 
Alistair7Author Commented:
Thanks for your comments Vic. Although I must admit I'm feeling somewhat speechless at the moment.  I've only being doing this IT work now for 5 years so I'm not very experienced.  But everything I have heard and read til now has told me that I must change the SID numbers before joining a 2003 active directory domain by using either GHOST WALKER or SYSPREP.

I suppose it wouldn't hurt to try.  I can't forsee any negative consequences.  But I would rather like to have confirmation of this from another source as well if possible.

????
0
 
younghvCommented:
Understood.
We didn't stand up our first AD Domain until about 3 years ago.
All of us 'Old-Timers' had a real hard time with many of the changes.
I will try to find you a specific reference regarding SID and AD.
The neat thing is that XP and AD tend to be a whole bunch smarter than the old systems - and that is a GOOD thing.
Back later.
Vic
0
 
Alistair7Author Commented:
Thanks a lot.  I'm holding my breath!!
0
 
younghvCommented:
Alistair,

One of my favorite web-sites: http://www.sysinternals.com/Utilities/NewSid.html

"Duplicate SIDs aren't an issue in a Domain-based environment since domain accounts have SID's based on the Domain SID."

If you do want to force a change in SID - their "newSID" program sure has the right price (free).

Good Luck,
Vic

0
 
Alistair7Author Commented:
This looks REALLY interesting.  Very promising!!  I'm reading reading ........
0
 
Alistair7Author Commented:
It worked!!  I used "newsid" instead and it worked.

Thanks a heap.  You've really saved my bacon.  The summer holidays start today and I can now send the teachers home with their laptops finished.

What a relief.

Many thanks

Al
0
 
younghvCommented:
Al,
A pleasure to help out one of my British 'cousins'.
"Anywhere, anytime".
Thank you for the points.

Semper Fidelis,
Vic
0
 
Alistair7Author Commented:
British!!!   What an insult.  I'm Australian living in Norway.

Just joking.  I lived in Britain for 8 years and have many friends there.
0
 
younghvCommented:
OOPS! (sorry),
It was the spelling of "licence" that tricked me.

For military folks, the Aussies are our "Brothers" - not 'cousins'.
Vic
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Get expert help—faster!

Need expert help—fast? Use the Help Bell for personalized assistance getting answers to your important questions.

  • 7
  • 6
Tackle projects and never again get stuck behind a technical roadblock.
Join Now