• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 2909
  • Last Modified:

Change SID on cloned PC

Hi Experts

I'm about to roll out a load of cloned Windows 7 PC's onto our domain. The clone was created off the domain however I didn't manage to depersonalise the clone using sysprep as I got an error. Do I need to worry about duplicate SID's, looking into this ive found conflicting opinions, some people are saying its not a problem if you clone the PC before joining to the domain, Ive also read that SID is no longer an issue in windows 7, what do you guys think?
1 Solution
Darius GhassemCommented:
If my experience Sysprep should be done no matter what. SIDs are still used by programs sometimes to validate the workstations.
coreccAuthor Commented:
Can anyone help with the following error

sysprep a fatal error occured while trying to sysprep the machine

when I look further into this error, people are suggestion editing the answer file, does anyone know where this would be?
Chris MillardCommented:
Just to be a bit contradictory, I have a few clients who have had Windows 7 rollouts, and we just cloned a PC that had all of their software installed, and renamed the PCs just before joining the domain.

These systems have been in place for ages without any issues for us.
2017 Webroot Threat Report

MSPs: Get the facts you need to protect your clients.
The 2017 Webroot Threat Report provides a uniquely insightful global view into the analysis and discoveries made by the Webroot® Threat Intelligence Platform to provide insights on key trends and risks as seen by our users.

The Machine SID Duplication Myth (and Why Sysprep Matters)

I had always thought that the SID duplication was a problem like everyone else, till I read this.....
coreccAuthor Commented:
Lee W, MVPTechnology and Business Process AdvisorCommented:
Sysprep doesn't JUST reset the SID.  It does other preparation to the PC.  Failing to to sysprep can cause problems in other services not because of SIDs.  Mark Russinovich details why SIDs are not an issue but mentions that just because the SID is not an issue, other services, such as WSUS still require you to sysprep or face potential problems.


coreccAuthor Commented:
John, thanks for the link, he does state the following though:

Note that Sysprep resets other machine-specific state that, if duplicated, can cause problems for certain applications like Windows Server Update Services (WSUS), so MIcrosoft's support policy will still require cloned systems to be made unique with Sysprep.

Looks like I still need to run Sysprep.

Thanks Guys
While there may be some debate on the subject, I have found that it's always a good idea to run Sysprep before you stand up a machine on the domain.  Here is a pair of good articles that explain things rather well:

Why Sysprep is a necessary Windows deployment tool – Part 1

Why Sysprep is a necessary Windows deployment tool – Part 2
coreccAuthor Commented:
looks like sysprep is the way to go, hopfully this fix will help others.

Featured Post

Threat Trends for MSPs to Watch

See the findings.
Despite its humble beginnings, phishing has come a long way since those first crudely constructed emails. Today, phishing sites can appear and disappear in the length of a coffee break, and it takes more than a little know-how to keep your clients secure.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now