Re: Why bother using Sysprep (or ghostwalker or anyother sid changer) if you are using a Domain?


T

-|Tree=Bonz|-

Brian HBooGz,wrote:





Why shouldn't he use sysprep? What's better about ghostwalker?

For that matter why worry about changing the SID anyway?

http://support.microsoft.com/default.aspx?scid=kb;en-us;555452&sd=rss&spid=3198

WSUS: Script to delete duplicate SID created by Disk Imaging / Disk Cloning
View products that this article applies to.
Author: Mohammed Athif Khaleel MVP
Community Solutions Content Disclaimer
Article ID : 555452
Last Review : September 6, 2005
Revision : 1.0
On This Page
SUMMARY SUMMARY
Tips Tips
WSUS: Script to delete duplicate SID created by Disk Imaging / Disk Cloning
APPLIES TO APPLIES TO
SUMMARY
WSUS Clients do not report on WSUS Server. This script will delete AccountDomainSid, PingID, SusClientId registry keys if exists. Automatic Updates with WSUS doesn’t work if the workstation is installed via Disk Imaging or Disk Cloning.
Back to the top Back to the top
Tips
WSUS: Script to delete duplicate SID created by Disk Imaging / Disk Cloning
When you ghost an image and when that machine is a WSUS Client, it may not appear in the Windows Server Update Services (WSUS) console or sometime, it may not communicate with WSUS Server as it will have the duplicate registry values. More information on
Automatic Updates with WSUS doesn’t work if workstation is installed via Disk Imaging / Disk Cloning;
http://support.microsoft.com/kb/555351

If you have multiple computers with this behavior, then you can add a logon script which can do the task automatically. Note this has to be done only once.
====================================================================================
@echo off
Echo Save the batch file "AU_Clean_SID.cmd". This batch file will do the following:
Echo 1. Stop the wuauserv service
Echo 2. Delete the AccountDomainSid registry key (if it exists)
Echo 3. Delete the PingID registry key (if it exists)
Echo 4. Delete the SusClientId registry key (if it exists)
Echo 5. Restart the wuauserv service
Echo 6. Resets the Authorization Cookie
Pause
@echo on
net stop wuauserv
REG DELETE "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate" /v AccountDomainSid /f
REG DELETE "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate" /v PingID /f
REG DELETE "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate" /v SusClientId /f
net start wuauserv
wuauclt /resetauthorization /detectnow
Pause
====================================================================================
These registry entries will be re-created at the next detection cycle.

More Information:

Automatic Updates with WSUS doesn’t work if workstation is installed via Disk Imaging / Disk Cloning:
http://support.microsoft.com/kb/555351

NewSID is a program developed by sysinternals that changes a computer's SID. It is free, comes with full source, and is a Win32 program, meaning that it can easily be run on systems that have been previously cloned. NewSID works on Windows NT 4, Windows 2000, Windows XP and Windows .NET Server. You can download NewSID from http://www.sysinternals.com/Utilities/NewSid.html

Back to the top Back to the top
APPLIES TO
• Microsoft Windows XP Professional
• Microsoft Windows Server 2003, Standard Edition (32-bit x86)
• Microsoft Windows 2000 Service Pack 3
• Microsoft Windows 2000 Service Pack 4
• Microsoft Windows Server 2003, Enterprise Edition (32-bit x86)
• Microsoft Windows XP Service Pack 1
• Microsoft Windows XP Service Pack 2
• Microsoft Windows XP Media Center Edition 2002
Back to the top Back to the top
COMMUNITY SOLUTIONS CONTENT DISCLAIMER
MICROSOFT CORPORATION AND/OR ITS RESPECTIVE SUPPLIERS MAKE NO
REPRESENTATIONS ABOUT THE SUITABILITY, RELIABILITY, OR ACCURACY OF THE
INFORMATION AND RELATED GRAPHICS CONTAINED HEREIN. ALL SUCH INFORMATION
AND RELATED GRAPHICS ARE PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND.
MICROSOFT AND/OR ITS RESPECTIVE SUPPLIERS HEREBY DISCLAIM ALL WARRANTIES
AND CONDITIONS WITH REGARD TO THIS INFORMATION AND RELATED GRAPHICS,
INCLUDING ALL IMPLIED WARRANTIES AND CONDITIONS OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE, WORKMANLIKE EFFORT, TITLE AND
NON-INFRINGEMENT. YOU SPECIFICALLY AGREE THAT IN NO EVENT SHALL MICROSOFT
AND/OR ITS SUPPLIERS BE LIABLE FOR ANY DIRECT, INDIRECT, PUNITIVE,
INCIDENTAL, SPECIAL, CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER
INCLUDING, WITHOUT LIMITATION, DAMAGES FOR LOSS OF USE, DATA OR PROFITS,
ARISING OUT OF OR IN ANY WAY CONNECTED WITH THE USE OF OR INABILITY TO USE
THE INFORMATION AND RELATED GRAPHICS CONTAINED HEREIN, WHETHER BASED ON
CONTRACT, TORT, NEGLIGENCE, STRICT LIABILITY OR OTHERWISE, EVEN IF
MICROSOFT OR ANY OF ITS SUPPLIERS HAS BEEN ADVISED OF THE POSSIBILITY OF
DAMAGES.
If you change the name and re-add them to the domain what difference
does it really make?

Couldn't you ghost a 100 systems (so long as they are identical) and
change their names and add them to a domain (either Windows 2000 or 2003
active directory)? Would it really screw anything up?

United States *

Microsoft.com Home | Site Map
Microsoft *
Search Microsoft.com for:
Help and Support
Help and Support Home | Select a Product | Search (KB)
WSUS: Script to delete duplicate SID created by Disk Imaging / Disk Cloning
View products that this article applies to.
Author: Mohammed Athif Khaleel MVP
Community Solutions Content Disclaimer
Article ID : 555452
Last Review : September 6, 2005
Revision : 1.0
On This Page
SUMMARY SUMMARY
Tips Tips
WSUS: Script to delete duplicate SID created by Disk Imaging / Disk Cloning
APPLIES TO APPLIES TO
SUMMARY
WSUS Clients do not report on WSUS Server. This script will delete AccountDomainSid, PingID, SusClientId registry keys if exists. Automatic Updates with WSUS doesn’t work if the workstation is installed via Disk Imaging or Disk Cloning.
Back to the top Back to the top
Tips
WSUS: Script to delete duplicate SID created by Disk Imaging / Disk Cloning
When you ghost an image and when that machine is a WSUS Client, it may not appear in the Windows Server Update Services (WSUS) console or sometime, it may not communicate with WSUS Server as it will have the duplicate registry values. More information on
Automatic Updates with WSUS doesn’t work if workstation is installed via Disk Imaging / Disk Cloning;
http://support.microsoft.com/kb/555351

If you have multiple computers with this behavior, then you can add a logon script which can do the task automatically. Note this has to be done only once.
====================================================================================
@echo off
Echo Save the batch file "AU_Clean_SID.cmd". This batch file will do the following:
Echo 1. Stop the wuauserv service
Echo 2. Delete the AccountDomainSid registry key (if it exists)
Echo 3. Delete the PingID registry key (if it exists)
Echo 4. Delete the SusClientId registry key (if it exists)
Echo 5. Restart the wuauserv service
Echo 6. Resets the Authorization Cookie
Pause
@echo on
net stop wuauserv
REG DELETE "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate" /v AccountDomainSid /f
REG DELETE "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate" /v PingID /f
REG DELETE "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate" /v SusClientId /f
net start wuauserv
wuauclt /resetauthorization /detectnow
Pause
====================================================================================
These registry entries will be re-created at the next detection cycle.

More Information:

Automatic Updates with WSUS doesn’t work if workstation is installed via Disk Imaging / Disk Cloning:
http://support.microsoft.com/kb/555351

NewSID is a program developed by sysinternals that changes a computer's SID. It is free, comes with full source, and is a Win32 program, meaning that it can easily be run on systems that have been previously cloned. NewSID works on Windows NT 4, Windows 2000, Windows XP and Windows .NET Server. You can download NewSID from http://www.sysinternals.com/Utilities/NewSid.html

Back to the top Back to the top
APPLIES TO
• Microsoft Windows XP Professional
• Microsoft Windows Server 2003, Standard Edition (32-bit x86)
• Microsoft Windows 2000 Service Pack 3
• Microsoft Windows 2000 Service Pack 4
• Microsoft Windows Server 2003, Enterprise Edition (32-bit x86)
• Microsoft Windows XP Service Pack 1
• Microsoft Windows XP Service Pack 2
• Microsoft Windows XP Media Center Edition 2002
Back to the top Back to the top
COMMUNITY SOLUTIONS CONTENT DISCLAIMER
MICROSOFT CORPORATION AND/OR ITS RESPECTIVE SUPPLIERS MAKE NO REPRESENTATIONS ABOUT THE SUITABILITY, RELIABILITY, OR ACCURACY OF THE INFORMATION AND RELATED GRAPHICS CONTAINED HEREIN. ALL SUCH INFORMATION AND RELATED GRAPHICS ARE PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. MICROSOFT AND/OR ITS RESPECTIVE SUPPLIERS HEREBY DISCLAIM ALL WARRANTIES AND CONDITIONS WITH REGARD TO THIS INFORMATION AND RELATED GRAPHICS, INCLUDING ALL IMPLIED WARRANTIES AND CONDITIONS OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, WORKMANLIKE EFFORT, TITLE AND NON-INFRINGEMENT. YOU SPECIFICALLY AGREE THAT IN NO EVENT SHALL MICROSOFT AND/OR ITS SUPPLIERS BE LIABLE FOR ANY DIRECT, INDIRECT, PUNITIVE, INCIDENTAL, SPECIAL, CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER INCLUDING, WITHOUT LIMITATION, DAMAGES FOR LOSS OF USE, DATA OR PROFITS, ARISING OUT OF OR IN ANY WAY CONNECTED WITH THE USE OF OR INABILITY TO USE THE INFORMATION AND RELATED GRAPHICS CONTAINED HEREIN, WHETHER BASED ON CONTRACT, TORT, NEGLIGENCE, STRICT LIABILITY OR OTHERWISE, EVEN IF MICROSOFT OR ANY OF ITS SUPPLIERS HAS BEEN ADVISED OF THE POSSIBILITY OF DAMAGES.
Back to the top Back to the top

Contact a Support Professional by Email, Online, or Phone.
Need More Help?
Contact a Support Professional by Email, Online, or Phone.
Search Support(KB)
Windows Server 2003

Advanced Search
Article Translations

Downloads
• Microsoft Baseline Security Analyzer v2.0 (for IT Professionals)
• Microsoft Windows Server 2003 Service Pack 1 (32 bit)
• Windows Server 2003 Resource Kit Tools
More - Downloads...
TechNet Plus v2.0
Additional Resources & Related Sites
• Windows Server 2003 Site
• Windows Server 2003 Resources on TechNet
• Internet Information Services 6.0 Support Center
More - Additional Resources & Related Sites...
Community Newsgroups
• Windows 2003 Community Newsgroups
Related Support Centers
• Windows XP
• Windows XP Service Pack 2
• Windows 2000
• Windows Server 2003
Page Tools
Print this page Print this page
E-mail this page E-mail this page
Microsoft Worldwide Microsoft Worldwide
Save to My Support Favorites Save to My Support Favorites
Go to My Support Favorites Go to My Support Favorites
Send Feedback Send Feedback
Sign in to the Microsoft Passport Network
Contact a Support Professional by Email, Online, or Phone.
Need More Help?
Contact a Support Professional by Email, Online, or Phone.

Manage Your Profile |Contact Us
©2005 Microsoft Corporation. All rights reserved. Terms of Use |Trademarks |Privacy Statement
 
Ad

Advertisements


Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Top