Using the as-a-service approach for your business model allows you to grow your revenue stream with new practice areas, without forcing you to part ways with existing clients just because they don’t fit the mold of your new service offerings.
Can't log in to domain after cloning to SSD
HI there, I have two domain computers I recently cloned the old sata drives to SSDs. The cloning worked just fine but the computers can't login to the domain when connected to the network. If i remove the ethernet cord I'm able to log in with the cached domain credentials, I reconnect the network cable and have access to all network resources. Does anyone know how to fix this without removing and rejoining the domain?
I used the cloning utilities that come with Samsung and Kingston SSDs.
thanks..
I used the cloning utilities that come with Samsung and Kingston SSDs.
thanks..
Who is Participating?
Experts Exchange Solution brought to you by
Enjoy your complimentary solution view.
Get this solution by purchasing an Individual license!
Start your 7-day free trial.
I wear a lot of hats...
"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.
Pull the network cable and log in. Then plug it in. Do you have access to the domain? What does the event logs say? What is the error message when you try to log in with the cable attached? (Pictures are best; use your phone if you have to take a picture and post it).
The only solution is to remove the computers from ADUC and then join the computers to domain.
When joining to an AD domain, an unique computer ID is generated and stored in the AD database in the DC. The unique ID is composed based on computer hardware components. Every time a computer autheticate to AD, this ID is generated on the computer side and compared with the ID stored in the AD database. You've changed a component, so the ID generated on the computer side, does'n't match anymore with the ID stored in the AD database. This is a security feature, a measure to stop an intruder to impersonate your computer. A hacker would try exactly what you did.
Best regards
When joining to an AD domain, an unique computer ID is generated and stored in the AD database in the DC. The unique ID is composed based on computer hardware components. Every time a computer autheticate to AD, this ID is generated on the computer side and compared with the ID stored in the AD database. You've changed a component, so the ID generated on the computer side, does'n't match anymore with the ID stored in the AD database. This is a security feature, a measure to stop an intruder to impersonate your computer. A hacker would try exactly what you did.
Best regards
When joining to an AD domain, an unique computer ID is generated and stored in the AD database in the DC. The unique ID is composed based on computer hardware components.This is totally false.. Nothing relates to hardware on the computer account attributes (the GUID is random) and this is definitely not because of BIOS
https://docs.microsoft.com/en-us/previous-versions/tn-archive/ee198792(v=technet.10)
Does anyone know how to fix this without removing and rejoining the domain?Use Reset-ComputerMachinePassw
The reason why you can log on is that you have cached logins enabled.
Experts Exchange Solution brought to you by
Your issues matter to us.
Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.
Start your 7-day free trial
I agree with Vermaak, nothing relies on software, GUID is a totally random identification. Moreover, you can use this on PS to generate a random GUID (PSv4 min)
In another part I think that the reset-computerMachinePassw
[GUID]::NewGuid() | select -ExpandProperty Guid
In another part I think that the reset-computerMachinePassw
Were this me, I would definitely try removing and re adding the machine to the domain. Very straightforward, takes maybe 10 mins and a couple of reboots. Make sure you have the local admin account credentials first though.
To rephrase a little Mal Osborne
Does anyone know how to fix this without removing and rejoining the domain?Why? What's the big deal pulling it out of the domain and putting it back in?
If I'm reading this correctly, you took a machine connected to a domain, cloned it, and then connected the clone to the domain?
To answer your question regarding fixing this WITHOUT disjoining/joining domain, you can't. From the domains perspective, these two computers are one computer, so they cannot coexist. Your process is broken.
BEFORE cloning a machine, you should SYSPREP (generalize) it [to comply with MS licensing, this should be a PC built using Volume Media, not OEM]. Do NOT boot the machine into Windows after the sysprep. Create the clone. THEN boot both machines. You'll need to then join both to the Domain.
When you clone without a SYSPREP, the new machine ends up with the same SID as the original. To fix it from the point you are at, you need to remove BOTH from the domain, generate a new SID on at least one of these computers (either Sysprep, or look maybe at http://www.stratesave.com/html/sidchg.html which I've never used, but looks promising), then join both to the domain.
To answer your question regarding fixing this WITHOUT disjoining/joining domain, you can't. From the domains perspective, these two computers are one computer, so they cannot coexist. Your process is broken.
BEFORE cloning a machine, you should SYSPREP (generalize) it [to comply with MS licensing, this should be a PC built using Volume Media, not OEM]. Do NOT boot the machine into Windows after the sysprep. Create the clone. THEN boot both machines. You'll need to then join both to the Domain.
When you clone without a SYSPREP, the new machine ends up with the same SID as the original. To fix it from the point you are at, you need to remove BOTH from the domain, generate a new SID on at least one of these computers (either Sysprep, or look maybe at http://www.stratesave.com/html/sidchg.html which I've never used, but looks promising), then join both to the domain.
To answer your question regarding fixing this WITHOUT disjoining/joining domain, you can't. From the domains perspective, these two computers are one computer, so they cannot coexist. Your process is broken.As far as I understand OP's question, the computers were not cloned, the drives were replaced. The two computers and still two computers
Thanks for the many responses, just to clarify i replaced the old sata with SSD by cloning it. that . way i didn't have to transfer all the user data and reinstall a million apps. I'll back to that site in two days to try the Reset-ComputerMachinePassw
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Disk Cloning
From novice to tech pro — start learning today.
Experts Exchange Solution brought to you by
Enjoy your complimentary solution view.
Get this solution by purchasing an Individual license!
Start your 7-day free trial.
When done do a TCP/IP Reset, DNS Flush to be sure.
Open cmd.exe with Run as Administrator
Then: netsh int ip reset c:\resetlog.txt
Then: ipconfig /flushdns
Now restart and test.