User login

WHO'S ONLINE

There are currently 1 user and 3 guests online.

Online users

  • z3r0_0n3

COMPILATIONS

more

Windows Vista News

more

Linux Today

more

Locations of visitors to this page

Proudly Pinoy!


Add to Google Reader or Homepage

Subscribe in NewsGator Online
Add to My AOL

Subscribe by Email
[Valid RSS]
Free Web Hosting
TopPhilippineWebsites.com

Home » FORUM » Tutorials and How-To
Imaged/Ghosted using Disk Imaging software with duplicate SID
Posted on: Sat, 10/20/2007 - 03:27
Imaged/Ghosted using Disk Imaging software with duplicate SID

'It wont work if not installed using a sysprep or there's a security issues.'

If you have multiple computers in Active Directory Domain (imaged / ghosted using Disk Imaging software with duplicate SID) with this behavior, then you can add a simple computer startup script that runs as part of the boot up process (before the user logs in) under the system context and has admin rights.

The VBScript below will only delete the values once even if the script is run multiple times, by setting a registry marker.

'============================================
Set oShell = CreateObject("WScript.Shell")

sRegKey = "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate"

' suppress error in case values does not exist
On Error Resume Next

' check for marker
sIDDeleted = oShell.RegRead( sRegKey & "\IDDeleted")

' to be sure values is only deleted once, test on marker
If sIDDeleted <> "yes" Then
' delete values
oShell.RegDelete sRegKey & "\AccountDomainSid"
oShell.RegDelete sRegKey & "\PingID"
oShell.RegDelete sRegKey & "\SusClientId"

' Stop and start the Automatic updates service
oShell.Run "%SystemRoot%\system32\net.exe stop wuauserv", 0, True
oShell.Run "%SystemRoot%\system32\net.exe start wuauserv", 0, True

' Run wuauclt.exe with resetauthorization
sCmd = "%SystemRoot%\system32\wuauclt.exe /resetauthorization /detectnow"
oShell.Run sCmd, 0, True

' create marker
oShell.RegWrite sRegKey & "\IDDeleted", "yes"
End If
'============================================

OR run this batch file:

Note: Below batch script has to be done only once.

============================================
@echo off
Echo Save the batch file "AU_Clean_SID.cmd". This batch file will do the following:
Echo 1. Stop the wuauserv service
Echo 2. Delete the AccountDomainSid registry key (if it exists)
Echo 3. Delete the PingID registry key (if it exists)
Echo 4. Delete the SusClientId registry key (if it exists)
Echo 5. Restart the wuauserv service
Echo 6. Resets the Authorization Cookie

Pause
@echo on
net stop wuauserv
REG DELETE "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate" /v AccountDomainSid /f
REG DELETE "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate" /v PingID /f
REG DELETE "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate" /v SusClientId /f
net start wuauserv
wuauclt /resetauthorization /detectnow
Pause
============================================


___________________

"The important thing is not to stop questioning. Curiosity has its own reason for existing."
Windows Support / Core Member


Posted on: Fri, 10/24/2008 - 21:43 #1

Hi Sir,

Pwede po bang detail nyo yung paggamit nang bash script, ano po to delete nya yung SID or Regenerate sya ng Bago?

Posted on: Tue, 10/28/2008 - 13:58 #2

Try this. If your not familiar sa Script. Usually mas maganda yung step ni HansCheska. Para roll out.

-----------------

NewSID v4.10
By Mark Russinovich and Bryce Cogswell
Published: November 1, 2006
IMPORTANT:

Regarding SIDs, Microsoft does not support images that are prepared using NewSID, we only support images that are prepared using SysPrep. Microsoft has not tested NewSID for all deployment cloning options.

For more information on Microsoft's official policy, please see the following Knowledge Base article:

* The Microsoft policy concerning disk duplication of Windows XP installations

Top of page Top of page
Introduction

Many organizations use disk image cloning to perform mass rollouts of Windows. This technique involves copying the disks of a fully installed and configured Windows computer onto the disk drives of other computers. These other computers effectively appear to have been through the same install process, and are immediately available for use.

While this method saves hours of work and hassle over other rollout approaches, it has the major problem that every cloned system has an identical Computer Security Identifier (SID). This fact compromises security in Workgroup environments, and removable media security can also be compromised in networks with multiple identical computer SIDs.

Demand from the Windows community has lead several companies to develop programs that can change a computer's SID after a system has been cloned. However, Symantec's SID Changer andSymantec's Ghost Walker are only sold as part of each company's high-end product. Further, they both run from a DOS command prompt (Altiris' changer is similar to NewSID).

NewSID is a program we developed that changes a computer's SID. It is free and is a Win32 program, meaning that it can easily be run on systems that have been previously cloned. NewSID works on Windows NT 4, Windows 2000, Windows XP and Windows Server 2003.

Download Now!
http://download.sysinternals.com/Files/NewSid.zip


___________________

"Your talent is God's gift to you. What you do with it is your gift back to God."
http://www.aeonmike.co.cc



FREE cPanel Web Hosting with PHP5/Mysql - no advertising!
Register now: http://www.000webhost.com/39629.html