Solved

Refreshing SIDs in Active Directory 2000

Posted on 2006-11-06
Last Modified: 2013-12-23
I have 5 machines that are all identical, all Windows XP Professional 64. All were set up using the same Ghost image, which was taken of 1 of the machines. Unfortunately sysprep was not run before taking the image, so when all the machines were set up they all had the same name, on the same domain, with the same SIDs. Upon booting up each machine, I removed it from the domain, changed the name and then rebooted. Then I added it back into the domain. I was under the impression that this would create new SIDs, but I don't think it has. We are now getting user errors when trying to log in to these machines saying the computer/user has been locked out. I assume this has something to do with duplicate SIDs in Active Directory. Does anyone know how I can resolve this problem? How can I renew the SIDs for each machine?
Question by:Forensicon

Accepted Solution

by:
oBdA earned 500 total points
ID: 17885277
The only way to get your systems back to a state where you will be able to get MS support if you should ever need it is to re-image them correctly (which means deploying an image that has been sysprepped; note the part about "If an image was created without the use of sysprep, Microsoft does not support the running of Sysprep after the image is deployed as a way to bring the computer back into compliance."). If you can live without support, you can just run it on the machines.
The Microsoft policy concerning disk duplication of Windows XP installations
http://support.microsoft.com/?kbid=314828
There's a link in the article to Sysinternals' NewSid, but I don't know if this will run on XP 64 as well (and it doesn't solve the support problem).
Whichever method you choose, unjoin the machines from the domain before you start!

Expert Comment

by:cjtraman
ID: 17887177
http://www.sysinternals.com/Utilities/NewSid.html

Check if that helps. Ensure you remove the desktop from the domain before imaging.

Expert Comment

by:oBdA
ID: 17887771
"Did you ever have a Deja Vu, Mrs. Lancaster?" - "I don't think so, but I could check with the kitchen." [Groundhog Day]
 

Author Comment

by:Forensicon
ID: 17899368
Thanks for your help, guys. Turns out I didn't need to go through any of those steps though. After making sure all the machines had different IPs (they didn't), and changing their names and removing them and re-adding them to the domain, everything seems to work again. That Sysinternals program is pretty cool though, thanks for the info.