Re: Clone PC with same Name and same SID

Tech-Archive recommends: Fix windows errors by optimizing your registry

The SID that newsid changes has nothing to do with AD. Each computer has two SIDs. The first is the SID in the domain on the computer object, an attribute called objectSID which is used to represent the computer across the network. The second is the local SID on the machine used for the machine's local security principals. Changing that second SID will have no bearing on AD.

joe

--
Joe Richards Microsoft MVP Windows Server Directory Services
Author of O'Reilly Active Directory Third Edition
www.joeware.net


---O'Reilly Active Directory Third Edition now available---

http://www.joeware.net/win/ad3e.htm



Rob Burns wrote:
Thanks to everyone for the plethora of information here; however, I
have a question that I have not seen specifically answered yet, so
forgive me if I just missed it. I think I know the answer, but have no
real-world experience with it, so I thought I'd ask you experts.

I have a member server that I have cloned (full tape restore + system
state) offline in the lab. I have NewSid on the ready and have used it
in the past with great success; however, the question at hand is if I
leave the clone server as it is with the duplicate name and SID and
pull the original server offline, can I then put the clone online
without AD balking? In theory I'm thinking that AD shouldn't care, but
I didn't want to guess incorrectly. =)

Am I completely off base here or is my logic somewhat on track?

Any input would be greatly appreciated!

Best regards,

Rob

.

Relevant Pages

  • =?Utf-8?Q?Re:_Nach_Neuinstallation_k=C3=B6nnen_?= =?Utf-8?Q?verkn=C3=BCpfte_Kontakte_nicht_g
    ... Windows-Umgebung hat also auch immer eine eindeutige SID und wird dadurch ... Wenn nun auf dem Server sich ... einer alten SID mit Berechtigungen versehen wurde, ... "Sie haben wahrscheinlich versucht, den Kalender eines Benutzers ...
    (microsoft.public.de.outlook)
  • Re: Two different domains with same name - Problems?
    ... and yes, at this level (SID) the domains are distinct, however TTBOMK domain discovery happens by name so the 'foreign' PCs will _attempt_ to log onto the domain, causing more grief than I can imagine. ... Initial connections from Fred are parsed to get the domain/user SIDs and fail to match so fallback to PTA, at this time Fred@Domain1 will cause Fred@Domain2's account to be locked out due to auth failure. ... Windows Small Business Server 2008 Unleashed ...
    (microsoft.public.windows.server.sbs)
  • Re: ASP.NET User.Identity.Name value after a domain username chang
    ... Can you point me to any resources I can use about getting the SID of the ... WebRequest user without using the username as the base of a lookup (since I ... access a website on the server. ... I have a very confusing issue when the domain login of a user is changed ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • Re: Sid/Unstable
    ... Debian as a home server which handles a website, e-mail server, samba ... sid is great for this. ... backup backup backup and be sure to remember to take good backups. ... if by "boot up" you mean "I can scrape together a way to get the ...
    (Debian-User)
  • Re: How to re-join an NT domain without losing user profile data/s
    ... You want the name of the PDC to be the same as it was originally once all ... then to delete the old record in the server ... You created a new domain with>> the same name, but the SID, of course, was different. ... My guess is>> that it did so for a similar reason as the profile directories ->> mismatched ...
    (microsoft.public.windowsxp.network_web)