SID's
Hi
Does renaming a client give it a new SID
In my current contract we rename clients while they are still joined to the domain and this works fine
In my recent jobs I have always disjoined it from the domain then renamed it then joined it back again
So does renaming a client regardless on domain or not give it a new SID
Thanks
Does renaming a client give it a new SID
In my current contract we rename clients while they are still joined to the domain and this works fine
In my recent jobs I have always disjoined it from the domain then renamed it then joined it back again
So does renaming a client regardless on domain or not give it a new SID
Thanks
.
Comments
-
gorebrush Member Posts: 2,743 ■■■■■■■□□□A SID should never change, therefore renaming it should be no problem
-
Lee H Member Posts: 1,135What I am trying to find out is if you need a SID changer for every imaged client
Sysprep, NEWSID to name just 2, but what if you dont use one
You have flat install of XP, before you join to domain you take an image, then you deploy image to 5 machines, then rename each machine differently and join to domain
Will each machine have a different SID. -
dynamik Banned Posts: 12,312 ■■■■■■■■■□What I am trying to find out is if you need a SID changer for every imaged client
Yes, you do. Otherwise, you're going to run into all kinds of obscure problems that are going to be very difficult to resolve. -
hypnotoad Banned Posts: 915What I am trying to find out is if you need a SID changer for every imaged client
Sysprep, NEWSID to name just 2, but what if you dont use one
You have flat install of XP, before you join to domain you take an image, then you deploy image to 5 machines, then rename each machine differently and join to domain
Will each machine have a different SID
No, each machines will have the same SID...and things will go crazy. Pretty much anything that can break will...from windows updates to file sharing permissions. -
rwwest7 Member Posts: 300No, each machines will have the same SID...and things will go crazy. Pretty much anything that can break will...from windows updates to file sharing permissions.
-
dynamik Banned Posts: 12,312 ■■■■■■■■■□Was sysprep run before the image was made though? You don't need to do it every time after you deploy an image.
-
down77 Member Posts: 1,009Sounds like a good time to check for duplicate SIDS
HOW TO: Find and Clean Up Duplicate Security Identifiers with Ntdsutil in Windows Server 2003CCIE Sec: Starting Nov 11 -
royal Member Posts: 3,352 ■■■■□□□□□□NewSID is not supported in production by Microsoft. You need to ensure that your images are Sysprepped so each image obtains unique information once deployed. SID is just one of the things Sysprep does.“For success, attitude is equally as important as ability.” - Harry F. Banks
-
Hyper-Me Banned Posts: 2,059If you are imaging computers for production and arent sysprepping them and regenerating SID's then you arent doing your job.
There is no excuse for not doing this, as micrsoft expressly states that this is only the right way to prepare an image.
We have countless techs at work that dont do it and I have to constantly get on to them. -
blargoe Member Posts: 4,174 ■■■■■■■■■□NewSID is not supported in production by Microsoft. You need to ensure that your images are Sysprepped so each image obtains unique information once deployed. SID is just one of the things Sysprep does.
This...IT guy since 12/00
Recent: 11/2019 - RHCSA (RHEL 7); 2/2019 - Updated VCP to 6.5 (just a few days before VMware discontinued the re-cert policy...)
Working on: RHCE/Ansible
Future: Probably continued Red Hat Immersion, Possibly VCAP Design, or maybe a completely different path. Depends on job demands... -
tiersten Member Posts: 4,505This...
-
dynamik Banned Posts: 12,312 ■■■■■■■■■□I've had two DCs with identical SIDs (just copied the VM), and I experienced all kinds of problems. It might have been a coincidence, but the situation went away after I remedied that. Maybe something else got changed in the process. I can't remember exactly how I went about it. I was pulling my hair out for awhile though...
-
tiersten Member Posts: 4,505I've had two DCs with identical SIDs (just copied the VM), and I experienced all kinds of problems. It might have been a coincidence, but the situation went away after I remedied that. Maybe something else got changed in the process. I can't remember exactly how I went about it. I was pulling my hair out for awhile though...
-
dynamik Banned Posts: 12,312 ■■■■■■■■■□Yeah. Domain SIDs are special. Go read the article :P
What's with the attitude dude? You're acting like I'm an MCSE and MCITP. Oh, wait... -
tiersten Member Posts: 4,505What's with the attitude dude?You're acting like I'm an MCSE and MCITP. Oh, wait...
We've all been indoctrinated that duplicate SIDs are always bad and that you must always use SysPrep/NewSID otherwise the world will explode in a ball of burning Windows PCs. If the SysInternals/Microsoft guy is correct then we've been mostly worrying about nothing. -
Lee H Member Posts: 1,135sysprep all the way that's my opinion so maybe that's why I haven't had any of the problems with duplicate machine sids. I simply questioned the need for using it if you happen to be imaging without sysprep and if it would still work. people say they have issues but MS say it doesn't matter. am more curious now than I was before this thread. lol.
-
blargoe Member Posts: 4,174 ■■■■■■■■■□Except that from further research by Microsoft, a duplicate SID doesn't actually do anything bad. You don't actually need to regenerate the SID for a machine and sysprep will stop doing it in the future.
Was referring to the "other" that royal was talking about, not the sid generation. There's other generalization and cleanup that happens during a sysprep other than just changing the sid.
Why would everyone be so against doing something that's been a long established best practice?IT guy since 12/00
Recent: 11/2019 - RHCSA (RHEL 7); 2/2019 - Updated VCP to 6.5 (just a few days before VMware discontinued the re-cert policy...)
Working on: RHCE/Ansible
Future: Probably continued Red Hat Immersion, Possibly VCAP Design, or maybe a completely different path. Depends on job demands... -
tiersten Member Posts: 4,505Was referring to the "other" that royal was talking about, not the sid generation. There's other generalization and cleanup that happens during a sysprep other than just changing the sid.
Why would everyone be so against doing something that's been a long established best practice?