SID's

Lee HLee H Member Posts: 1,135
Hi

Does renaming a client give it a new SID

In my current contract we rename clients while they are still joined to the domain and this works fine

In my recent jobs I have always disjoined it from the domain then renamed it then joined it back again

So does renaming a client regardless on domain or not give it a new SID

Thanks
.

Comments

  • gorebrushgorebrush Member Posts: 2,743 ■■■■■■■□□□
    A SID should never change, therefore renaming it should be no problem
  • Lee HLee H Member Posts: 1,135
    What I am trying to find out is if you need a SID changer for every imaged client

    Sysprep, NEWSID to name just 2, but what if you dont use one

    You have flat install of XP, before you join to domain you take an image, then you deploy image to 5 machines, then rename each machine differently and join to domain

    Will each machine have a different SID
    .
  • dynamikdynamik Banned Posts: 12,312 ■■■■■■■■■□
    Lee H wrote: »
    What I am trying to find out is if you need a SID changer for every imaged client

    Yes, you do. Otherwise, you're going to run into all kinds of obscure problems that are going to be very difficult to resolve.
  • tierstentiersten Member Posts: 4,505
    You should go to each deployed clone machine and change the SID.
  • hypnotoadhypnotoad Banned Posts: 915
    Lee H wrote: »
    What I am trying to find out is if you need a SID changer for every imaged client

    Sysprep, NEWSID to name just 2, but what if you dont use one

    You have flat install of XP, before you join to domain you take an image, then you deploy image to 5 machines, then rename each machine differently and join to domain

    Will each machine have a different SID

    No, each machines will have the same SID...and things will go crazy. Pretty much anything that can break will...from windows updates to file sharing permissions.
  • rwwest7rwwest7 Member Posts: 300
    hypnotoad wrote: »
    No, each machines will have the same SID...and things will go crazy. Pretty much anything that can break will...from windows updates to file sharing permissions.
    IF you're using workgroups this will happen. If you're using a domain, then when the computer is joined to the domain an new sid is generated for the computer account in the domain. I've heard otherwise, but I have about 2,000 computers on my domain, most of which have been imaged with Ghost, and I have not once ran newsid or sysprep.
  • dynamikdynamik Banned Posts: 12,312 ■■■■■■■■■□
    Was sysprep run before the image was made though? You don't need to do it every time after you deploy an image.
  • down77down77 Member Posts: 1,009
    CCIE Sec: Starting Nov 11
  • royalroyal Member Posts: 3,352 ■■■■□□□□□□
    NewSID is not supported in production by Microsoft. You need to ensure that your images are Sysprepped so each image obtains unique information once deployed. SID is just one of the things Sysprep does.
    “For success, attitude is equally as important as ability.” - Harry F. Banks
  • Hyper-MeHyper-Me Banned Posts: 2,059
    If you are imaging computers for production and arent sysprepping them and regenerating SID's then you arent doing your job.

    There is no excuse for not doing this, as micrsoft expressly states that this is only the right way to prepare an image.

    We have countless techs at work that dont do it and I have to constantly get on to them.
  • Hyper-MeHyper-Me Banned Posts: 2,059
    Yes! more undeserved neg rep.

    Fools.
  • blargoeblargoe Member Posts: 4,174 ■■■■■■■■■□
    royal wrote: »
    NewSID is not supported in production by Microsoft. You need to ensure that your images are Sysprepped so each image obtains unique information once deployed. SID is just one of the things Sysprep does.

    This...
    IT guy since 12/00

    Recent: 11/2019 - RHCSA (RHEL 7); 2/2019 - Updated VCP to 6.5 (just a few days before VMware discontinued the re-cert policy...)
    Working on: RHCE/Ansible
    Future: Probably continued Red Hat Immersion, Possibly VCAP Design, or maybe a completely different path. Depends on job demands...
  • tierstentiersten Member Posts: 4,505
    blargoe wrote: »
    This...
    Except that from further research by Microsoft, a duplicate SID doesn't actually do anything bad. You don't actually need to regenerate the SID for a machine and sysprep will stop doing it in the future.
  • dynamikdynamik Banned Posts: 12,312 ■■■■■■■■■□
    I've had two DCs with identical SIDs (just copied the VM), and I experienced all kinds of problems. It might have been a coincidence, but the situation went away after I remedied that. Maybe something else got changed in the process. I can't remember exactly how I went about it. I was pulling my hair out for awhile though...
  • tierstentiersten Member Posts: 4,505
    dynamik wrote: »
    I've had two DCs with identical SIDs (just copied the VM), and I experienced all kinds of problems. It might have been a coincidence, but the situation went away after I remedied that. Maybe something else got changed in the process. I can't remember exactly how I went about it. I was pulling my hair out for awhile though...
    Yeah. Domain SIDs are special. Go read the article :P
  • dynamikdynamik Banned Posts: 12,312 ■■■■■■■■■□
    tiersten wrote: »
    Yeah. Domain SIDs are special. Go read the article :P

    What's with the attitude dude? You're acting like I'm an MCSE and MCITP. Oh, wait...
  • tierstentiersten Member Posts: 4,505
    dynamik wrote: »
    What's with the attitude dude?
    Bring it on! Outside! Now!
    dynamik wrote: »
    You're acting like I'm an MCSE and MCITP. Oh, wait...
    :D

    We've all been indoctrinated that duplicate SIDs are always bad and that you must always use SysPrep/NewSID otherwise the world will explode in a ball of burning Windows PCs. If the SysInternals/Microsoft guy is correct then we've been mostly worrying about nothing.
  • Lee HLee H Member Posts: 1,135
    sysprep all the way that's my opinion so maybe that's why I haven't had any of the problems with duplicate machine sids. I simply questioned the need for using it if you happen to be imaging without sysprep and if it would still work. people say they have issues but MS say it doesn't matter. am more curious now than I was before this thread. lol
    .
  • blargoeblargoe Member Posts: 4,174 ■■■■■■■■■□
    tiersten wrote: »
    Except that from further research by Microsoft, a duplicate SID doesn't actually do anything bad. You don't actually need to regenerate the SID for a machine and sysprep will stop doing it in the future.

    Was referring to the "other" that royal was talking about, not the sid generation. There's other generalization and cleanup that happens during a sysprep other than just changing the sid.

    Why would everyone be so against doing something that's been a long established best practice?
    IT guy since 12/00

    Recent: 11/2019 - RHCSA (RHEL 7); 2/2019 - Updated VCP to 6.5 (just a few days before VMware discontinued the re-cert policy...)
    Working on: RHCE/Ansible
    Future: Probably continued Red Hat Immersion, Possibly VCAP Design, or maybe a completely different path. Depends on job demands...
  • tierstentiersten Member Posts: 4,505
    blargoe wrote: »
    Was referring to the "other" that royal was talking about, not the sid generation. There's other generalization and cleanup that happens during a sysprep other than just changing the sid.

    Why would everyone be so against doing something that's been a long established best practice?
    Ah yeah. I'm just talking about SIDs themselves. Not the rest of the stuff that sysprep does which you obviously should be doing.
Sign In or Register to comment.