Isn't a New SID created every time you join a machine to a domain? So, If I have Machine A, I remove it from the Domain and into a workgroup, clone it to Machine B and Machine C, then join Machine B and Machine C to the domain both machines will have unique SID's
I have NEVER had a problem doing it this way, I just usually never join machine A to the domain in the first place. Just make sure that Machine A is not on the network when you turn on Machine B before you rename it.... I am sure there are valid reason not to do it this way, and valid reasons to use Sysprep; however, saying it will cause problems or cause DC's to puke is simply inaccurate. -----Original Message----- From: Ben Scott [mailto:mailvor...@gmail.com] Sent: Wednesday, March 11, 2009 1:08 PM To: NT System Admin Issues Subject: Re: sysprep question On Wed, Mar 11, 2009 at 11:30 AM, Reimer, Mark <mark.rei...@prairie.edu> wrote: > I've read that I do need to sysprep, and I've read that I don't need to > sysprep because the machines are on a domain That's wrong, and maybe even backwards. The major thing SYSPREP does is generate a new SID (Security Identifier) for the machine. The SID is what Windows uses to uniquely identify the machine -- it matters more than the hostname, the AD GUID, and the SPN. If you have two machines on the domain with the name SID, the domain controller will puke all over the place, as it sees two PCs with the same SID. If you're *not* running a domain, and the computers don't need to talk to each other or the same server, then you might be able to get away without SYSPREP. The computers will all have the same SID, but since they never encounter each other, they don't notice. -- Ben ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
