Solved

Refreshing SID's in Active Directory 2000

Posted on 2006-11-06
4
294 Views
Last Modified: 2013-12-23
I have 5 machines that are all identical, all Windows XP Professional 64. All were setup using the same ghost image which was take of 1 of the machines. Unfortunately sysprep was not run before taking the image so when all the machines were setup they all had the same name, on the same domain, with the same SIDs. Upon booting up the each machine, i removed it from the domain, changed the name and then rebooted. Then i added it back into the domain. I was under the impression that this would create new SIDs but i don't think it has. We are now getting user errors when trying to login to these machines saying the computer/user has been locked out. I assume this has something to do with duplicate SIDs in Active Directory. Does anyone know how i can resolve this problem? How can i renew the SIDs for each machine?
0
Comment
Question by:Forensicon
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 84

Accepted Solution

by:
oBdA earned 500 total points
ID: 17885277
The only way to get your systems back to a state where you will be able to get MS support if you should ever need it is to re-image them correctly (which means deploying an image that has been syspreped; note the part about "If an image was created without the use of sysprep, Microsoft does not support the running of Sysprep after the image is deployed as a way to bring the computer back into compliance.") If you can live without support, you can just run it on the machines.
The Microsoft policy concerning disk duplication of Windows XP installations
http://support.microsoft.com/?kbid=314828
There's a link in the article to Sysinternal's NewSid, but I don't know if this will run on XP 64 as well (and it doesn't solve the support problem).
Whichever method you chose, unjoin the machines from the domain before you start!
0
 
LVL 5

Expert Comment

by:cjtraman
ID: 17887177
http://www.sysinternals.com/Utilities/NewSid.html

check if that helps..Ensure you remove the desktop from domain before imaging.
0
 
LVL 84

Expert Comment

by:oBdA
ID: 17887771
"Did you ever have a Deja Vu, Mrs. Lancaster?" - "I don't think so, but I could check with the kitchen." [Groundhog Day]
0
 

Author Comment

by:Forensicon
ID: 17899368
THanks for your help guys. Turns out i didn't need to go through any of those steps though. After Makings sure all the machines had different IPs (they didn't), and changing their names and removing them and re-adding them to the Domain everything seems to work again. That sysinternals program is pretty cool though, thanks for the info.
0

Featured Post

[Webinar] Code, Load, and Grow

Managing multiple websites, servers, applications, and security on a daily basis? Join us for a webinar on May 25th to learn how to simplify administration and management of virtual hosts for IT admins, create a secure environment, and deploy code more effectively and frequently.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Enterprise networks where VoIP phones have been deployed frequently use port configurations that allow both a computer and an IP phone to be plugged into the same switch port but use different VLANs. On Cisco equipment I'm referring to the "native V…
Are you one of those front-line IT Service Desk staff fielding calls, replying to emails, all-the-while working to resolve end-user technological nightmares? I am! That's why I have put together this brief overview of tools and techniques I use in o…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …
In a recent question (https://www.experts-exchange.com/questions/29004105/Run-AutoHotkey-script-directly-from-Notepad.html) here at Experts Exchange, a member asked how to run an AutoHotkey script (.AHK) directly from Notepad++ (aka NPP). This video…

738 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question