What are the ramifications of not running sysprep to create a new SID for each client's machine on a Windows AD network?

JackBurton

What would be the problems that would arise if each machine on an AD network had the same SID? The reason I'm asking is that people are not running sysprep before they close a Ghost image for deployment. I've ALWAYS run sysprep but I've never tried NOT using it. What are the results?
 

stash

You will pretty much be unable to join machines to the network, and/or authenticate machines on the network.
 

RhythmAddict

Originally posted by: STaSh
You will pretty much be unable to join machines to the network, and/or authenticate machines on the network.

Yep. You can't join the domain... You get an error that says "A duplicate name exists on the network" or "unable to access domain resources".

Basically, you're sort of screwed unless you wanna be local...

Cheers
 

exx1976

Absolutely correct, because each machine requires a unique SID to be able to join the domain.
 

loup garou

Actually, after a goof on our part, we didn't sysprep some machines that were going onto an AD network. About 75% of them were joined fine. The rest gave us a duplicate name error. The only reason we realized we screwed up was when we tried to push an AV client install from the server. THEN we had problems with that on 100% of the machines. Luckily, running sysprep after the fact fixed all of them. NewSID didn't work with the XP machines, though.
 

JackBurton

Originally posted by: werk
Actually, after a goof on our part, we didn't sysprep some machines that were going onto an AD network. About 75% of them were joined fine. The rest gave us a duplicate name error. The only reason we realized we screwed up was when we tried to push an AV client install from the server. THEN we had problems with that on 100% of the machines. Luckily, running sysprep after the fact fixed all of them. NewSID didn't work with the XP machines, though.
We need to create new SIDs on these machines. Does NewSID work ok on 2000 machines?

 

loup garou

Originally posted by: JackBurton
Originally posted by: werk
Actually, after a goof on our part, we didn't sysprep some machines that were going onto an AD network. About 75% of them were joined fine. The rest gave us a duplicate name error. The only reason we realized we screwed up was when we tried to push an AV client install from the server. THEN we had problems with that on 100% of the machines. Luckily, running sysprep after the fact fixed all of them. NewSID didn't work with the XP machines, though.
We need to create new SIDs on these machines. Does NewSID work ok on 2000 machines?
I've only tried it on XP machines with no luck. My coworker thought that was odd and said that he never had a problem with it on 2000 systems, so give it a shot.

http://www.sysinternals.com/ntw2k/source/newsid.shtml

As I said, you can also run sysprep on a machine that's already been imaged. It's a bit more time-consuming than NewSID, though.
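
An added example, not part of the thread above: one way to find which imaged machines still share a machine SID before deciding where sysprep or NewSID has to be run. It assumes you have already collected one local account SID per machine into a CSV; the column names, hostnames and SID values below are constructed for illustration.

```python
import csv
import io
import re
from collections import defaultdict

# Constructed sample inventory: hostname and the SID of a local account
# (the built-in Administrator has RID 500) collected from each machine.
SAMPLE_INVENTORY = """host,local_account_sid
WS-001,S-1-5-21-1111111111-2222222222-3333333333-500
WS-002,S-1-5-21-1111111111-2222222222-3333333333-500
WS-003,S-1-5-21-4444444444-5555555555-6666666666-500
WS-004,S-1-5-21-1111111111-2222222222-3333333333-1001
WS-005,not-a-sid
"""

# A local account SID is the machine SID (S-1-5-21 plus three sub-authorities)
# followed by the account's relative ID (RID).
LOCAL_SID = re.compile(r"^(S-1-5-21-\d+-\d+-\d+)-(\d+)$", re.IGNORECASE)


def machine_sid(account_sid):
    """Return the machine SID portion of a local account SID, or None."""
    m = LOCAL_SID.match(account_sid.strip())
    return m.group(1).upper() if m else None


def find_duplicate_machine_sids(inventory_csv):
    """Return (duplicates, unparsed_hosts).

    duplicates maps each machine SID seen on more than one host
    to the sorted list of hosts that carry it.
    """
    hosts_by_sid = defaultdict(set)
    unparsed = []
    for row in csv.DictReader(io.StringIO(inventory_csv)):
        sid = machine_sid(row["local_account_sid"])
        if sid is None:
            unparsed.append(row["host"])  # needs a manual look
        else:
            hosts_by_sid[sid].add(row["host"])
    dups = {s: sorted(h) for s, h in hosts_by_sid.items() if len(h) > 1}
    return dups, unparsed


if __name__ == "__main__":
    dups, unparsed = find_duplicate_machine_sids(SAMPLE_INVENTORY)
    for sid, hosts in dups.items():
        print(f"{sid} shared by: {', '.join(hosts)}")
    for host in unparsed:
        print(f"{host}: could not parse SID, check manually")
```

Hosts listed under the same machine SID came from the same unprepared image; hosts reported as unparsed need their SID collected again.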