In the last article, I mentioned that a virtual machine image may encounter many strange problems when it is used multiple times. This time I encountered another.
I used an image of Windows Server 2008 R2 and copied it six times. I created six virtual machines and joined them to the same domain.
When you add a domain user to a local group on a virtual machine that is not a domain controller, the following error is reported:
Error message: A member could not be added to or removed from the local group because the member does not exist.
On a completely clean system the user name is valid, so how can this happen? The likely reason is that these systems were all made from the same image, so their SIDs are identical. When a user is added to a group, the machine uses the SID as the identifier when it contacts the domain controller. However, the machine's SID is the same as the domain controller's, so the lookup resolves to the machine itself, the user cannot be found, and an error is returned.
If multiple virtual machines share the same SID, many strange problems appear. For example, domain accounts cannot log in over Remote Desktop, and Exchange cannot be installed, with an error message saying that the domain controller cannot be found. Therefore, if you build a virtual machine environment from the same image (VHD), you must replace the SID on each copy. Otherwise there will be many problems, and they are difficult to troubleshoot.
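One way to confirm that cloned machines really do share a machine SID, as an added example that is not part of the original article. The host names are hypothetical, and the script assumes the targets are member servers (not domain controllers) reachable over WMI with an administrative account.

```powershell
# Added example: report cloned machines that share a machine SID.
# $Computers is a constructed list of hypothetical host names; replace it
# with the member servers created from the same image.
$Computers = 'VM01', 'VM02', 'VM03', 'VM04', 'VM05', 'VM06'

function Get-MachineSid {
    param([string]$ComputerName)
    # The built-in local Administrator always has RID 500, so its SID
    # minus the trailing "-500" is the machine SID.
    $admin = Get-WmiObject -Class Win32_UserAccount -ComputerName $ComputerName `
        -Filter "LocalAccount=True AND SID LIKE 'S-1-5-21-%-500'" `
        -ErrorAction Stop | Select-Object -First 1
    if (-not $admin) { throw "No local RID-500 account found on $ComputerName" }
    $admin.SID -replace '-500$', ''
}

# Collect one record per reachable machine; unreachable hosts only warn.
$results = foreach ($c in $Computers) {
    try {
        New-Object PSObject -Property @{
            Computer   = $c
            MachineSid = Get-MachineSid -ComputerName $c
        }
    } catch {
        Write-Warning "$c : $($_.Exception.Message)"
    }
}

# Any SID that appears on more than one machine marks un-generalized clones.
$duplicates = @($results | Group-Object MachineSid | Where-Object { $_.Count -gt 1 })
foreach ($g in $duplicates) {
    $names = ($g.Group | ForEach-Object { $_.Computer }) -join ', '
    "Shared machine SID {0}: {1}" -f $g.Name, $names
}
if ($duplicates.Count -eq 0) { 'No duplicate machine SIDs found.' }
```

Running the same script again after the SID has been replaced on each clone should report no duplicates.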
Solution
============
NewSID has been retired and cannot be used on Windows Server 2008 R2.
You need to use the sysprep tool that comes with the system.
Run according to the settings. Restart.
Note:
After sysprep is run, the information about the joined domain is lost, and so is the machine name. Therefore, machines that are not domain controllers need to leave the domain before running sysprep. A domain controller must first be demoted to an ordinary machine with dcpromo before sysprep is run.