Workstations Already Deployed w/o Sysprep and w/ Novell Client

[Ignaurus13]

Hello all,



I spoke with company that currently uses Novell and deployed XP workstations
via disk duplication without using SYSPREP. These machines are all installed
with the Novell Netware Client. They would like to migrate to AD, but do not
want to reimage their workstations. Besides the profile translations
required and joining the domain, I see the following concerns:



Will Microsoft support instance of XP where the Novell Netware client was
previously installed.

Previously, I have heard that Microsoft will not support an instance of XP
once the Novell Netware client was installed, even if after it has been
uninstalled. In the past, the client has been notoriously difficult to
uninstall completely and switches out the gina.dll used for authentication.
Does anyone know the official stance or is this something that is negotiated
on a per customer basis?



Must all existing workstations be issued new local SIDs to participate in
Active Directory and will Microsoft support this?

I know the bottom line is that Microsoft will not support duplicated XP
instances that have not been issued new SIDs by SYSPREP, so Microsoft
probably will not support these workstations if they are added to an Active
Directory domain with the same SID. The workstations will still be able to
join the domain since the domain issued SID will be different for each
workstation. The local SID for each are the same for each duplicated
computer and are only used for the machine itself and its media that
utilizes NTFS ACLS. I have not tried SYSPREPing workstations already
deployed and in use, so I am not sure if all profiles will be correctly
updated. Sysinternal's NewSID could help, but that method is also
unsupported by Microsoft.





Any thoughts?





Thanks,

Ignaurus13

 

[Hunter01]

Must all existing workstations be issued new local SIDs to participate in
Active Directory

No, they still seem to work without that effort. We regenerate SID's due
to Microsoft horror stories of what will happen if you don't, but on
plenty of occasions (including one occasion in our environment where
over 60 machines went out with the same SID due to someone who wanted to
shortcut) I've seen no probs with duplicate PC SID's. That being said,
it's such a trivial thing to change it, why not just do it? Just get the
sysinternals freeware app for it.

and will Microsoft support this?

Not if you tell them.

I know the bottom line is that Microsoft will not support duplicated XP
instances that have not been issued new SIDs by SYSPREP,

Only a fool would use Sysprep purely to change a SID when there are
infinitely better tools available for this at no cost, it butchers your
setup. It's only realistic point is to strip hardware settings so you
can have an image that will work across different hardware.

so Microsoft
probably will not support these workstations if they are added to an Active
Directory domain with the same SID.

Don't do so then, use the free tools available.

The workstations will still be able to
join the domain since the domain issued SID will be different for each
workstation.

Exactalactaly!


The local SID for each are the same for each duplicated
computer and are only used for the machine itself and its media that
utilizes NTFS ACLS. I have not tried SYSPREPing workstations already
deployed and in use,

Wouldn't bother unless you've got a lot of time to waste.

so I am not sure if all profiles will be correctly
updated.

On that I can't help you. Novell sucks (and despite having a lot more
flexibility in EDir than AD is going the way of the Dodo, guessing due
to its' grotesque instability and horrendous pricing structure, even in
excess of Microsoft's tooth-mining effort), when we migrated to AD in
'99 we just blew the machines away and went from scratch, the Novell
crap is too insidious to get rid of cleanly, and it was much easier to
clean everything up from the get-go, and had the benefit of coinciding
with an OS upgrade and eliminating all other incidental instabilities at
the same time. A lot of work but wellllll worth the effort at the end of
the project.

Sysinternal's NewSID could help, but that method is also
unsupported by Microsoft.

**** 'em, you can do it their way or the effective way.

Any thoughts?

Nah, just drunken babble. Hey, it's Friday night.... Shit, the last
couple of Friday nights I seem to be getting into repeated "why the ****
do people use sysprep for the wrong reasons" rants. Deja Vu is becoming
strangely disturbing!

 

[Shenan Stanley]

Hello all,



I spoke with company that currently uses Novell and deployed XP
workstations via disk duplication without using SYSPREP. These
machines are all installed with the Novell Netware Client. They
would like to migrate to AD, but do not want to reimage their
workstations. Besides the profile translations required and joining
the domain, I see the following concerns:


Will Microsoft support instance of XP where the Novell Netware
client was previously installed.

Previously, I have heard that Microsoft will not support an
instance of XP once the Novell Netware client was installed, even
if after it has been uninstalled. In the past, the client has been
notoriously difficult to uninstall completely and switches out the
gina.dll used for authentication. Does anyone know the official
stance or is this something that is negotiated on a per customer
basis?


Must all existing workstations be issued new local SIDs to
participate in Active Directory and will Microsoft support this?

I know the bottom line is that Microsoft will not support
duplicated XP instances that have not been issued new SIDs by
SYSPREP, so Microsoft probably will not support these workstations
if they are added to an Active Directory domain with the same SID.
The workstations will still be able to join the domain since the
domain issued SID will be different for each workstation. The local
SID for each are the same for each duplicated computer and are only
used for the machine itself and its media that utilizes NTFS ACLS. I have
not tried SYSPREPing workstations already deployed and in
use, so I am not sure if all profiles will be correctly updated.
Sysinternal's NewSID could help, but that method is also
unsupported by Microsoft.




Any thoughts?

Yes.. I have a thought. I think you are overthinking it all. heh

Run NewSID on the machines(if you feel so inclined - but I doubt you
have/will be using much in terms of direct Microsoft support anyway - not
that this situation precludes your ability to do so), if the profiles are
local profiles and the users will not be logging into the domain (which I
doubt) - you join the domain and the users move on.. If they log in local
now and will be logging into the domain afterwards - you will need to
export/import their profiles (migrate them.) That's it.

There are many scripts out there that will uninstall Novell clients with
ease.

 

[Ignaurus13]

I know I can get to correct and working end state, but I am more worried if
something else were to happen down the line, would Microsoft support the
environment knowing how it used to be? Would support be denied? The company
intends to be Microsoft shop and to eliminate Novell, but they just dont
want to reimage. Would this be acceptable or is this something that need to
be discusses with PSS?

Thanks,
Ignaurus13