The SID Duplication Myth

Microsoft's Mark Russinovich (formerly of Winternals fame) has posted a great bit of information busting a popular myth about duplicate SIDs on cloned machines.

I admit, I always thought running something like NewSID was mandatory on cloned machines for correct Windows domain and WSUS functionality, but apparently that's not the case.

I can recall some product (it may have been Trend AV, but I could be wrong) that did seem to rely on the machine SID (ie: on cloned machines pre-NewSID there were problems), but then Mark does mention that while no Microsoft applications look at the machine SID, other 3rd party applications may still require the use of something along the lines of NewSID.

Also be wary of cloning machines after joining them to a domain as duplicate domain SIDs are a different thing entirely and can cause headaches...

0 Response to "The SID Duplication Myth"

Post a Comment

powered by Blogger | WordPress by Newwpthemes | Converted by BloggerTheme