Renaming computers from image in a single domain

Posted on 2007-07-25
Last Modified: 2008-05-31
We have an image of a base XP pro system using Acronis. I did the following:
1. Image a computer name it BaseXP
2. Join domain with same computer name
3. Rename computername to ABC01
4. Bring image (BaseXP) to another computer
5. Rename second image to ABC02
6. Bring image on a third machine and logged on to the same domain.

Now I have 3 different computers (BaseXP, ABC01, ABC02) on the same network in the same domain. In Active Directory, even though I just renamed the computers, and not rejoined the domain with any of them, I am showing all 3 of them as a different maching in Active Directory and everything is working like a charm.
Of course, I was only experimenting and I am quite surprised with the end result.
My reason for trying this was because it is a lot quicker than sysprep and it preserve all of the permissions set on logical drives as well as folders. It also preserve domain user accounts.
I was expecting the renamed computer to replace the existing one and not add a new one to the domain.
I am quite happy with these results, but I am also skeptical.
By the way, I tried removing BaseXP from the domain and it did not affect the other 2 in any way that I can tell. As a matter of fact, both are being used right now and no one is having any issues.
What I am looking for is some inputs from experts that could tell me what could go wrong in a long run.
We are running server 2003 SP2 R2 and XP Pro workstations.
Question by:gablais
    LVL 23

    Expert Comment

    As long as you remember to rename the computer after joining the domain I can't see any problem. Even if you forgotten to rename the computer, next time you join another computer with an existing name your DC will tell you so.
    LVL 29

    Expert Comment

    by:Alan Huseyin Kayahan
          Hi gabalis
                *If you disjoin/rejoin the client or rename , a new computer object will be created with new name, while the old one is NOT! deleted. In future, if you try to join a computer to domain, which has the same name with old computer object in AD or username, a message will pop-up and ask "computer object exist, wpuld you like to use this". If you never choose yes and let it stay inactive, it will stay there untill garbage collection process.
                 *If you remove the computer from domain (Change from domain to workgroup is considered removing. Renaming is not removing), computer will not be effected from GPOs, will have to log on locally not domain account, but still can acqurie IP address from DHCP and can access internet if there is no proxy like ISA. And computer account still stays and wont be deleted untill garbage collection process because of inactivity.
                 This does not affect system in long run. But if you frequently image computers, that will cause junk in Computers in AD.

    LVL 8

    Expert Comment

    I'm not exactly sure what problems you may encounter, but I've a feeling they would be related to security issues on individual machines. If you need a quicker/easier method of making the image unique, I would point you to NewSIS ( This will rename a computer and give it a new SID at the same time. You would use NewSID to rename and re-SID a newly images computer prior to adding it to the domain.
    LVL 82

    Expert Comment

    What you are creating are installations that are unsupported by Microsoft. There can well be issues that you won't notice at the beginning, and to find and resolve (if possible at all) issues related to cloning machines can easily take a *lot* longer than reading through the sysprep documentation and creating a proper image.
    And if something happens on your workstations, and all Microsoft tells you is to reinstall the machines and try again, do you really want to be the one explaining to TPTB that you saved about 4 hours by ignoring sysprep some time ago, and now the new software won't run, but you'll gladly spend the weekend at the office to reinstall all machines?
    Oh, and note that the *image* you'll be distributing has already to be syspreped; you can *not* clone an installation, boot it up, and then run sysprep.
    Check here for details:

    Do not disk duplicate installed versions of Windows

    The Microsoft policy concerning disk duplication of Windows XP installations
    LVL 23

    Expert Comment

    Question to oBdA :-

    Will the SID of a machine "change" when it is joined to a domain, to reflect the change of status? IF so then there is not a problem to gablais?
    LVL 8

    Expert Comment

    Machine SIDs do not change when joining a domain.

    Author Comment

    Thanks for the quick response everyone. I have read the links from ajbritton and oBdA. In a nutshell, Microsoft claims that it will only affect the local machine if in a workgroup and not in a domain and they have provided a tool(newsid) to correct this. They also claim that they are aware that a lot of companies prefers this over sysprep when they have large amount of computers to deploy.
    Am I reading this right?

    LVL 82

    Accepted Solution

    We're using NewSID for test machines, but we have, for example, experienced problems trying to install a Sharepoint server on a cloned machine that was treated with NewSID.
    Microsoft is very clear when it comes to cloning: "Microsoft does not provide support for computers that are set up by use of SID-duplicating tools other than the System Preparation tool. If an image was created without the use of sysprep, Microsoft does not support the running of Sysprep after the image is deployed as a way to bring the computer back into compliance."
    Once the syspreped image is created, installing new machines is likely to be faster than using NewSID, especially since you can deploy several syspreped images at the same time, while with NewSID, you have to wait until the name and SID change on one machine is finished before you can boot the next one.
    Using sysprep is not really that complicated that it's worth it to waive Microsoft's support; you might need it urgently at some point.

    Featured Post

    Free Trending Threat Insights Every Day

    Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

    Join & Write a Comment

    Scenerio: You have a server running Server 2003 and have applied a retail pack of Terminal Server Licenses.  You want to change servers or your server has crashed and you need to reapply the Terminal Server Licenses. When you enter the 16-digit lic…
    This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
    This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…

    729 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    19 Experts available now in Live!

    Get 1:1 Help Now