• We’re currently investigating an issue related to the forum theme and styling that is impacting page layout and visual formatting. The problem has been identified, and we are actively working on a resolution. There is no impact to user data or functionality, this is strictly a front-end display issue. We’ll post an update once the fix has been deployed. Thanks for your patience while we get this sorted.

Question about SID's in Win2k environment

M

mobogasm

Golden Member
I have a question about SID's in Win2K. I know that when you create a user on a computer it gives them a SID instead of using the created name for recognition by the OS. So lets say you go rename the user, it retains the SID and you see a new username retaining the SID and properties of that previous username. I ghost a ton of computers at work and created an image for use on these win2k boxes. To make things simpler and quicker for me I created a local user account on the image and have all the applications configured how we need them configured. So when I put an image on a new workstation all I have to do it rename the user account and I'm done. So now the question..........Is this going to create any problems with our network. We user NT4 servers along with Novell 3.x and 4.x servers. We will soon be upgrading the servers to 2K Server. I thought I had read somewhere that 2k uses the SID's to identify the user for certain operations. Does anybody see any problems with this? Because most people will now have the same SID even though they have a different account name....
 
You didn't mention if these are local computer accounts or domain accounts. If they are local computer accounts it won't matter as each machine is an 'island' as far as the reach of the 'sids' goes. But if these are domain system you'll need to get domain users assigned, and the sids will need to be different (and the machine sids will need to be different too)

Bill
 
It will eventually cause problems.

Cloning or duplicating an installation could lead to duplicate SIDs.
In can lead to accounts having access to files even though they
were specifically denied access by using NTFS permissions.

Because the SID identifies the computer or domain as well as the user, it should be
unique to maintain support for current and future programs.

You should either be using Sysprep in the images or at the very least
be running Microsoft's NewSID on the machine after Ghosting the PC.

Running Sysprep will make your life a whole lot easier when re-imaging PC's.
 
Cloning or duplicating an installation could lead to duplicate SIDs.
In can lead to accounts having access to files even though they
were specifically denied access by using NTFS permissions.
Click to expand...

Not if he's not on a domain.

Because the SID identifies the computer or domain as well as the user, it should be
unique to maintain support for current and future programs.
Click to expand...

The computer SID definately needs to be unique, but the user sids can duplicate across different security boundries (e.g. different local machine accounts or different domains)

You should either be using Sysprep in the images or at the very least
be running Microsoft's NewSID on the machine after Ghosting the PC.
Running Sysprep will make your life a whole lot easier when re-imaging PC's.
Click to expand...

Yes, but that didn't answer his user question, that just deals with the machine sid...

Bill


 
You must log in or register to reply here.

TRENDING THREADS

Back
Top