Computer sids
I have a problem, I have been asked to look and imaging as the company I'm working for as issues with there many W7 master images..
I have noticed that some PCs are reporting duplicat sids
If I run PSgetsid on 3 PCs I get these returns..
SID for \\PC1:
S-1-5-21-1305255674-109902
SID for \\PC2:
S-1-5-21-1305255674-109902
SID for \\PC3:
S-1-5-21-4098788176-313059
This would seem to say I have a duplicate on PC 1and PC2
However If I run NTDSutl, on the DC I get no duplicates
and is I run ADfind
I get
PC1
S-1-5-21-2208487660-598541
PC2
S-1-5-21-2208487660-598541
PC3
S-1-5-21-2208487660-598541
So the DC looks good
So my questing is what am I missing?
The reason I'm looking at this as we are getting some pcs drop off the domain and there are big question around the current images and WSUS
Thanks in advance
I have noticed that some PCs are reporting duplicat sids
If I run PSgetsid on 3 PCs I get these returns..
SID for \\PC1:
S-1-5-21-1305255674-109902
SID for \\PC2:
S-1-5-21-1305255674-109902
SID for \\PC3:
S-1-5-21-4098788176-313059
This would seem to say I have a duplicate on PC 1and PC2
However If I run NTDSutl, on the DC I get no duplicates
and is I run ADfind
I get
PC1
S-1-5-21-2208487660-598541
PC2
S-1-5-21-2208487660-598541
PC3
S-1-5-21-2208487660-598541
So the DC looks good
So my questing is what am I missing?
The reason I'm looking at this as we are getting some pcs drop off the domain and there are big question around the current images and WSUS
Thanks in advance
ASKER
The 3 PCs
SID for \\PC1:
S-1-5-21-1305255674-109902
SID for \\PC2:
S-1-5-21-1305255674-109902
SID for \\PC3:
S-1-5-21-4098788176-313059
Are on the domain the local sid is different to the one in AD, is this correct?
Martyn
SID for \\PC1:
S-1-5-21-1305255674-109902
SID for \\PC2:
S-1-5-21-1305255674-109902
SID for \\PC3:
S-1-5-21-4098788176-313059
Are on the domain the local sid is different to the one in AD, is this correct?
Martyn
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Also look over
Resolving the duplicate SUSClientID issue, or “Why don’t all my clients show up in the WSUS console?”
http://blogs.technet.com/b/sus/archive/2009/05/05/resolving-the-duplicate-susclientid-issue-or-why-don-t-all-my-clients-show-up-in-the-wsus-console.aspx
Resolving the duplicate SUSClientID issue, or “Why don’t all my clients show up in the WSUS console?”
http://blogs.technet.com/b/sus/archive/2009/05/05/resolving-the-duplicate-susclientid-issue-or-why-don-t-all-my-clients-show-up-in-the-wsus-console.aspx
ASKER
As this Organisation is Migrating domains they are going to take the approach of Refreshing the image as there are many issues with the existing one... its will slow down the Migration but the org will be in a better place afterwards..
If they are cloned after joining a Domain, they will get a new Domain SID if you leaft and rejoin the Domain.
The only thing that doesnt automatically update is the WSUS Unique ID which can be done by deleting a reg key and WSUS will issue a new one...
Hope this helps