You will also get domain groups (i.e. Domain Admins), not correctly nesting in local groups.
Also remember: you have to check the "generalize" box in the 2K8 flavor of sysprep ... otherwise you have to run something like newsid... -sc From: andy [mailto:afo...@psu.edu] Sent: Tuesday, June 02, 2009 8:28 AM To: NT System Admin Issues Subject: RE: Random explorer.exe issue Duplicate sids would give you machine errors of the type... machine name not found duplicate name unable to join the domain unable to contact the domain or other type of errors. Since I have been syspreping or sidwalking, I have not seen these errors in a while. So if the errors are not exactly worded.... I have not seen a duplicate SID cause you not to get a desktop. I would go with the virus or something else corrupting the logon process. It is possible that your machine was compromised and your virus scanner did not restore the logon executable properly. I had this happen a couple of times. Andy0 t 05:44 PM 6/1/2009, Joe Heaton wrote: Don, Wouldn't there be some trace if there were duplicate SIDs detected? I can believe this might be this issue, as we imaged these machines... ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ < http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/%3E%A0> ~ --------Andy-Ofalt---863-3449------405-Ag-Admin-Bldg------for more information go to http://ict.cas.psu.edu/Contacts.html <http://ict.cas.psu.edu/Contacts.html%A0> ---------- My little blurb to eat up bandwidth and make your mail box even larger +++++++++++++++++++++++++++++++++++++++++++++++++++ The real problem is that IP, a connectionless protocol, was never developed to be the universal protocol. ATM was developed to serve that purpose and failed. +++++++++++++++++++++++++++++++++++++++++++++++++++ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~