VMWare, fencing, and SID's, oh my!
The context is VMWare and systems in a Lab Manager fenced environment... What is the danger of having multiple (cloned) systems on a domain w/out them having a unique SID? Will DC's eventually get bogged down with processing or anything? The NewSID page states Duplicate SIDs aren't an issue in a Domain-based environment since domain accounts have SID's based on the Domain SID. I have a development environment where users can check out VM'd servers..the problem is while the IP's are unique, the SID's will be the same. What happens if I have 5 systems on the domain with the same SID? The 5 machines do not need to talk to each other. David Lum // SYSTEMS ENGINEER NORTHWEST EVALUATION ASSOCIATION (Desk) 971.222.1025 // (Cell) 503.267.9764 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
Re: VMWare, fencing, and SID's, oh my!
I saw a demo for this product a week ago, and the sales guy, fwiw, said to include a DC in the fenced area, with network rules on the router so the dc could only communicate with the fenced vm's. Sure looks like a slick product. Klint David Lum wrote: The context is VMWare and systems in a Lab Manager fenced environment... What is the danger of having multiple (cloned) systems on a domain w/out them having a unique SID? Will DC's eventually get bogged down with processing or anything? The NewSID page states Duplicate SIDs aren't an issue in a Domain-based environment since domain accounts have SID's based on the Domain SID. I have a development environment where users can check out VM'd servers..the problem is while the IP's are unique, the SID's will be the same. What happens if I have 5 systems on the domain with the same SID? The 5 machines do not need to talk to each other. */David Lum/*/ /*// *SYSTEMS ENGINEER NORTHWEST EVALUATION ASSOCIATION (Desk) 971.222.1025 *// *(Cell) 503.267.9764 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: VMWare, fencing, and SID's, oh my!
The last time I ghosted a handful of Dells and didn't newsid/sidewalk them they replaced each other on the domain and 'kicked' the other off, so when I was all done, I had one pc on the domain (the last one) and the other 4 had all sorts of weird issues, the pc thought it was on the domain but when you went to compmgmt.msc and tried to enumerate the local accounts it would resolve the domain accts as the sid DOMAIN\111-34-5-667-8-9 (you know the one). Just my .02 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
Re: VMWare, fencing, and SID's, oh my!
I don't think this is an issue with VMWare's fencing capabilities in Lab Manager. Klint Benjamin Zachary - Lists wrote: The last time I ghosted a handful of Dells and didn't newsid/sidewalk them they replaced each other on the domain and 'kicked' the other off, so when I was all done, I had one pc on the domain (the last one) and the other 4 had all sorts of weird issues, the pc thought it was on the domain but when you went to compmgmt.msc and tried to enumerate the local accounts it would resolve the domain accts as the sid DOMAIN\111-34-5-667-8-9 (you know the one). Just my .02 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~