Question on SIDs and Computer Accounts

B

Bobby

I have a quick question on the relationship of SIDs and computer accounts.
This much I understand:
If I have a computer account named WILLIAM on my Windows 2000 domain,
Windows 2000 automatically gives it a SID.
This much I don't understan:
What if I change the name of the account from WILLIAM to ROBERT and add it
back to the domain? Does the SID change? Or does it keep the original SID?

Basically do SIDs change when you change the name of the computer account?

We're using Ghost to image our workstations and the question arose about
SIDs. If we use the same image for 30 new workstations, are all 30
workstations going to have the same SID? I'm thinking "no", but I'm probably
wrong.

Thanks in advance for your thoughts.


Regards,


BT
 
M

Miha Pihler

Hi Bobby,

Changing computer name does not change SID. If you need to change SID you
can use "NewSID" tool from www.sysinternals.com (it's free download) or you
could use SysPrep from Windows 2000 CD (it is inside deploy.cab file).

I hope this helps,

Mike
 
B

Bobby

Thanks a ton. That answers my question. I have one more in relation to this:
Is there a way for me to view SIDs out on our network? A utility that would
allow me to compare the SIDs on several different machines to verify that
they are unique?

Thanks again...
 
T

Torgeir Bakken \(MVP\)

Bobby said:
I have a quick question on the relationship of SIDs and computer accounts.
This much I understand:
If I have a computer account named WILLIAM on my Windows 2000 domain,
Windows 2000 automatically gives it a SID.
This much I don't understan:
What if I change the name of the account from WILLIAM to ROBERT and add it
back to the domain? Does the SID change? Or does it keep the original SID?

Basically do SIDs change when you change the name of the computer account?
Click to expand...

Yes, the Domain SID will change if you remove the computer from the
domain, change the computer name, and then join the computer to the
domain again.

We're using Ghost to image our workstations and the question arose about
SIDs. If we use the same image for 30 new workstations, are all 30
workstations going to have the same SID? I'm thinking "no", but I'm probably
wrong.
Click to expand...

The computer SID will be the same, but the domain SID for the
computers will be different, and that is what is important.

From
http://www.sysinternals.com/ntw2k/source/newsid.shtml

<quote>
Duplicate SIDs aren't an issue in a Domain-based environment since
domain accounts have SID's based on the Domain SID.
</quote>
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

NewSID and Sysprep problem 3
partial and full SIDs in gpo's? 4
AD Domain member server not showing SAM names 2
What happens with SIDs in Migration? 5
Sysprep/SID generation question 2
Two domains and two users - merging user account to one 3
Workstations Already Deployed w/o Sysprep and w/ Novell Client 3
Windows XP computer SID duplication 1

Top