The SID question?!

[UselessUser]

Hi,

We have a few computers in a workgroup that were cloned via Ghost from
bootfloppy. Ghostwalker etc was not used. I am trying to understand now we
are going to go down the domain route what exactly happens regarding the
SID's?

The computer from which the image was taken was joined to the domain and
then disjoined and rebooted before being ghosted. Once each machine is
ghosted it is joined to the domain. This does not seem to have caused any
problems.. I guess my main questions are:

Is there just one computer sid or is there a computer sid and a domain sid

If there is just one SID does this get changed when you join the domain etc
- (hence why my setup is working - and if this is the case how do local user
account ntfs permissions for example still work as surely the SID is not the
same?)

Does the SID problem only occur if I pulled down a image that was still
joined to a domain and then just rename the PC and then try to join? Getting
a bit confused about this topic as you can tell?

 

[Anteaus]

From my experience it's a fairly academic consideration. If you are
concerned, then run Sysinternals' NewSID on all of the desktops.

Though, there are more serious security concerns in the domain model. For
example, that of 'administrative shares' giving access to ANY HD on the LAN
when logged-on to any desktop as a Domain-Admin user.

 

[Tyler Cobb]

Some of your questions have already been answered so I'd like to just throw
my own two cents in. For future reference, before you image a PC, be sure to
scrub the image with Sysprep. It's one of the Support Tools located on the
Windows XP installation disc. Once you scrub the drive, it will want to shut
down at which time you should go ahead and boot from an imaging disc and go
ahead and create your image. All new PCs spawned from the image will
auto-generate all new SIDs. I know it's too late now and there are other
alternatives to your problem, but maybe this will save you (or someone else)
some trouble in the future.