
Sid Checker


bhunji

Technical User
Feb 19, 2003
65
CA
Is there a program (preferably free) or some other utility that can check for corruption of a computer sid?

Like my problem is this,

I have created an image of a machine. In order to install all software and configure it properly I had to join it to the domain; before taking the image I removed it from the domain.

I have been using Ghstwalk.exe (as it's the only thing I've found compatible with XP so far) to change the name of the machine and SID of the newly imaged machines, but for some reason when I restore this image, if I run Ghstwalk it locks down the local and domain admin accounts with the Group Policy of the server.

Even BEFORE I add it to the domain the local admin will become locked down, but I have no local policies applied or even configured, so I have no idea where it's pulling the policy from...

If I don't run Ghstwalk the machine comes up fine and I can rename it manually, but I'm trying to automate this process to avoid having to log in as admin after I boot up.

I've had Ghstwalk work on previous images with XP without any problems, so I'm unsure why it's causing problems now...
 
bhunji

Do you run Sysprep (the program from MS that will reset a few reg keys) prior to creating the image, so that the first time the PC boots up, you can enter the machine name, the SID will get set correctly etc?

Sysprep for Windows XP:

How to use Sysprep to automate deployment of Windows XP:

With sysprep, you shouldn't need to use Ghost Walker.

John
 
The reason I'm not using Sysprep is because originally there were going to be 2 partitions, both bootable, and from what I've read Sysprep can't do dual-boot systems as it would only strip the first partition. So although I'm down to only one partition right now, I'd like to keep with my automated process in case a 2nd partition needs to be added at a later date (i.e. someone changes their mind about what I need in the image).

Also, the way I have it now the only user input required is which computer name the machine should be assigned. I have scripts within that will assign an IP based on the name and then join it automatically to the domain.

I've also read on Symantec's site (so I don't know how true it is) that Ghstwalk replaces more instances of the SID than just doing either a Sysprep or manually changing the name within XP.
 
I just tried NewSID; although it has a command line option, it says it can't be run from DOS mode...

The way I have it set up right now is this.

The first disk is bootable and the last disk contains Ghstwalk to rename the machine and change SIDs. When the image is done I present them with a list of possible machine names to choose from, toss that into a variable and hand it to Ghstwalk.

If I use NewSID, I'm not sure how I can avoid logging on as local admin, which I'm trying to do because I'm trying to make it so anyone can replace a failed computer with as few instructions as possible.

I have had this process work smoothly for other domains but this image is giving me trouble. I think there may be something corrupt within it, possibly SID related, as it only really craps out when I do the Ghstwalk...

I've run an anti-virus check but nothing turned up.
I've also run Norton's WinDoctor; it came back with a few errors, and I'm not sure if any of them were important. I also ran a Windows utility to check for a corrupt registry but it says it's fine...
 
I guess the basic reason for giving you the reference was not an alternative utility choice to the Symantec Ghost Walker, but the discussion.

If in your image you join the Domain, you create right there the issue. The reference above explains it, you are issued a Domain SID for the Workstation and the User account. Imaging at that point is hopeless. Do not join the Domain as part of the image.

If you do, you have SID issues that are unresolvable. Please read the whole discussion about SIDs from my earlier reference.

I love this site, and recommend a serious read of its Forums and their discussions:
 
I don't think joining the domain is my problem, as I experience local admin lockdown without joining the domain.

I have tried this image without my script to join the domain (I use netdom.exe with a user account specifically created to join domains) and with Ghstwalk; I've tried it without Ghstwalk and with my script.

If I reimage the machine without Ghstwalk, local admin has no policies applied and I can then join my domain either manually or with my bat files without problems.

However, if I image a machine and run Ghstwalk afterwards, before I join the domain, when I log on as local admin it receives the user policy of the domain, which it should never receive. It's like it has kept a cache of the domain user policy and applied it locally.

I have noticed that if I boot up after restoring an image, then reboot and run Ghstwalk, occasionally the local admin will not be locked down; unfortunately this doesn't fix the domain admin. The only policy I have on the server I have not applied to anyone.

I ran gpresult.exe to find out which policy it was applying and it said it was using the Default Domain Policy (note I have nothing configured in my Domain Policy), and at that point I had NOT joined the domain, so I have no idea where it's pulling the information from.
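
Added example, not part of the thread and not code from any poster or vendor: a minimal structural "SID checker" in Python that validates a binary SID, splits an account SID into its issuing machine or domain SID and RID, and flags imaged hosts that still share a machine SID. The sample SID bytes and every function name here are constructed for illustration.

```python
import struct
from collections import defaultdict

def parse_sid(raw: bytes) -> str:
    """Decode a binary SID to S-R-A-S1-... form; raise ValueError if malformed."""
    if len(raw) < 8:
        raise ValueError("SID shorter than its 8-byte header")
    revision, count = raw[0], raw[1]
    if revision != 1:
        raise ValueError(f"unexpected SID revision {revision}")
    if count > 15:
        raise ValueError(f"sub-authority count {count} exceeds the maximum of 15")
    if len(raw) != 8 + 4 * count:
        raise ValueError("length does not match the sub-authority count")
    authority = int.from_bytes(raw[2:8], "big")      # 48-bit, big-endian
    subs = struct.unpack(f"<{count}I", raw[8:])      # 32-bit, little-endian
    return "-".join(["S", str(revision), str(authority), *map(str, subs)])

def split_account_sid(sid: str):
    """Split S-1-5-21-a-b-c-RID into (issuing machine/domain SID, RID)."""
    parts = sid.split("-")
    if len(parts) != 8 or parts[:4] != ["S", "1", "5", "21"]:
        raise ValueError(f"{sid} is not a machine- or domain-issued account SID")
    return "-".join(parts[:-1]), int(parts[-1])

def issued_locally(account_sid: str, machine_sid: str) -> bool:
    """True when the account SID was issued by this machine, not by a domain."""
    issuer, _rid = split_account_sid(account_sid)
    return issuer == machine_sid

def duplicate_machine_sids(inventory: dict) -> dict:
    """Return {machine_sid: [hosts]} for SIDs shared by more than one host."""
    by_sid = defaultdict(list)
    for host, sid in inventory.items():
        by_sid[sid].append(host)
    return {s: sorted(h) for s, h in by_sid.items() if len(h) > 1}

# Constructed sample: built-in Administrator (RID 500) on a made-up machine SID.
MACHINE_SID = "S-1-5-21-1111111111-2222222222-3333333333"
SAMPLE_ADMIN = (bytes([1, 5]) + (5).to_bytes(6, "big")
                + struct.pack("<5I", 21, 1111111111, 2222222222, 3333333333, 500))

if __name__ == "__main__":
    admin = parse_sid(SAMPLE_ADMIN)
    print(admin, "local" if issued_locally(admin, MACHINE_SID) else "domain")
```
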
 