Bienvenido! - Willkommen! - Welcome!

Bitácora Técnica de Tux&Cía., Santa Cruz de la Sierra, BO
Bitácora Central: Tux&Cía.
Bitácora de Información Avanzada: Tux&Cía.-Información
May the source be with you!

Saturday, June 19, 2010

Check your SID using PsGetSid


As more and more people using virtualization, they face the problems like having two same SIDs on the network.
Using NewSid to change SID. NewSid is officially not supported by Microsoft anymore, so your virtual machine who’s SID was changed with NewSid is not supported anymore. Microsoft recommends using sysprep as a method to change SID on your operating system.
If you just need to change Security Identifier (SID) on at least two operating systems, because by coping virtual hard disk of the first operating system you have also copied it’s SID. The best way to do this is to use free software called NewSID (currently in version 4.10), developed by Sysinternals. In this post I’m gonna describe you how to use NewSID to change SID of your operating system. This tool, which packed size is only 68kb can be downloaded at Technet.
Unzip the newsid.exe application, start it and agree with the licence terms. You will see Welcome screen which tells you what NewSID is and tells you to backup your system before using it.

NewSID is not supported on Windows Server 2008 R2 and Windows7.
To change SID, use sysprep as described in tutorial How to change SID on Windows 7 and Windows Server 2008 R2 using sysprep?

I’ll show you how to use it in my next post, but today I’ll show you how easy is to check your SID, using free tool from Sysinternals called PsGetSid.
First you have to download PsGetSid from PsGetSid download page. Then extract it from the archive PsTools (for example on your desktop). You’ll see PsGetSid among the other PsTools.
Using Command Prompt navigate to that folder, and use simple command:
where COMPUTERNAME is the name of your computer.
PsGetSidIn my case I used psgetsid WS2008R2-3.


Also, there are other possibilities, and usage is as follows:
Usage: psgetsid [\\computer[,computer[,...] | @file] [-u username [-p password]]] [account|SID]
PsGetSid works for sure on Windows Server 2008 R2 , but it should work also on Windows XP, Windows Server 2003, Windows Vista, Windows 7
PsGetSid download page and instructions
PsGetSid direct download link

How to change SID on Windows 7 and Windows Server 2008 R2 using sysprep

sysprep 2.0 (that came on the XP CD) does not work with Windows 7 at all.
Tried the Windows 7 version of sysprep in C:\Windows\system32\sysprep, but that goes through the entire OOBE process again (and it runs again at every reboot!)
All I want it to do is prompt for a computer name and reset the SID of the system.
In the past we have used NewSID on Windows XP and that has worked (as far as I know). I've read that sysprep is preferred over this. It's an old-ish product (2005) so resetting Windows 7 SIDs it on a production network (~400-500 machines) irks me a little.
Would NewSID work on Windows 7? If not, what SID-resetting software would you guys recommend??

AnswerNew SID is not officially supported by Microsoft. I recommend you do not use it especially with Windows 7 or Windows Server 2008 R2
The official way to change SID is using sysprep which is built into Windows 7
select Generalize if you want to change SID
In terms of doing the Windows 7 deployment, Microsoft provides a free toolkit called Microsoft Deployment Toolkit (MDT) 2010 which is specifically designed for imaging/deploying Windows 7 machine into businesses
Microsoft Wellington
Deploy Windows 7 and Windows Server 2008 R2 with the newly released Microsoft Deployment Toolkit 2010. MDT is the recommended process and toolset for automating desktop and server deployment. MDT provides you with the following benefits:
Unified tools and processes required for desktop and server deployment in a common deployment console and collection of guidance.
Reduced deployment time and standardized desktop and server images, along with improved security and ongoing configuration management.
Fully automated Zero Touch Installation deployments by leveraging System Center Configuration Manager 2007 Service Pack 2 Release Candidate and Windows deployment tools. For those without a System Center Configuration Manager 2007 infrastructure, MDT leverages Windows deployment tools for Lite Touch Installation deployments.

No comments: