fog and sid number



  • Server
    • FOG Version: 1.3.0 /23
    • OS: winxp
    Client
    • Service Version:
    • OS:
    Description

    hello

    Im looking how to generate and random sid number while cloning, I do loads of machines a week and at the moment can only clone them to certain point.

    Is there anyway i can do it to speed up process?


  • Moderator

    @digi One last comment is if you can find the newsid utility on the internet. Then just deploy that with a FOG snapin. That will change the workstations SSID still.

    I just checked my current copy of Ghost and that software no longer contains the sid update utility either.



  • @george1421 I have not acces to windows. cant do anything just clone whole lot. I know that about sid and stuff, pass it to big bosses but they says: nahhh we need change sid but u not gonna get password :).

    Well nothing else I can do it, do haf-load clone and work with it :).

    There is no point for other posts saying about sysprep etc, as I cant do it simply as that :).

    I think we can close this topic and move ahead :)


  • Moderator

    @george1421 said in fog and sid number:

    @digi I guess I’m a bit confused here. We can image 100s of systems a week and don’t really interact with the target computers post imaging. Once imaging starts we don’t touch the computers until the very end where we confirm that the systems boot up, connected to AD and users can login.

    The normal setup for deployment is to build a single reference image, load all windows updates, install all common software, make any configuration changes needed, then sysprep and shut down the image. This becomes our golden/mother/reference image. Then we pxe boot into FOG and capture our reference image into FOG. We build the reference image completely using Microsoft MDT. This way we get a consistent reference image each time we need to rebuild the reference image.

    From that point we pxe boot the target computers and then deploy the FOG captured image. After FOG completes and the target computer reboots, windows OOBE takes over and completes the installation without any human interactions. At the end the computer is ready to move to the work site.

    I think this is #wiki worthy. We should have an area in the wiki about how people build their images in general. It doesn’t have to be technical, but just using the correct terms so people can read it and google search things in it, get ideas, and learn.



  • @digi said in fog and sid number:

    nothing I can do with them. I will do as I do now.

    thank you

    There is no need to change the SID when u plan to join the computers into a windows domain after imaging, the only thing you have to keep an eye on is the susclientid, it will not change if you don’t use sysprep and the machines will not report to wsus if there are duplicate susclientid’s.

    You can forget that if you don’t use a WSUS server or if the master hasn’t the wsus server already configured.
    If you have a GPO that will set the WSUS server it will generate a susclientid then.

    If you don’t have native access to your golden master talk to the tech guy who’s generating it so hey may can sysprep it!

    Regards X23



  • nothing I can do with them. I will do as I do now.

    thank you


  • Senior Developer

    @digi What? I really don’t understand what you are trying to do. Special software aside, if you need to change the sid, you can, but you must have access to windows to do so. You can use the program called NewSID to do the work. How can you be being requested to grab an image of something that you can’t even boot into and be required to make changes upon the thing you cannot load? You don’t need to explain the company policies, but you should really kind of think of these things too.

    One way, as I’m seeing here, you might think of would be being told to change the locks in a bank vault’s security boxes without being able to open the vault itself. How would you do it?



  • game over for me then.

    Thank You guys for help .


  • Senior Developer

    @digi if you don’t have access to windows, you don’t have access to change the sid.



  • ok I explain it
    We have special soft before windows installation.

    I was about to clone whole pc and log in to windows and use sysprep just to change sid or use sysprep, but I have no access to winodows after installation fisnihed.
    Its seems mad, but that how is that here, Im looking to clone whole machine, and use some tool to

    1. make generalize image like a sysprep
    2. or done some way to change sid while machine booting first.

    Lets imagine guys, to clone machine without access to windows…

    At the minut im half way loading windows file, stopping and doing clone, then reboot and wait 1h or so for windows to finish installing…

    crazy but that is the way here.


  • Senior Developer

    @digi I am so very confused. Without knowing what it is you’re needing, it’s difficult to provide help to you. That said, if you sysprep the system (you don’t need the install media to do this), and capture your image in a sysprepped state, all of your machines will have a unique SID.



  • hi

    UI have no acces to windows that is a problem. Can say what im doing here as my company will sack me :)

    Its all about sid number nothing else


  • Moderator

    @digi I guess I’m a bit confused here. We can image 100s of systems a week and don’t really interact with the target computers post imaging. Once imaging starts we don’t touch the computers until the very end where we confirm that the systems boot up, connected to AD and users can login.

    The normal setup for deployment is to build a single reference image, load all windows updates, install all common software, make any configuration changes needed, then sysprep and shut down the image. This becomes our golden/mother/reference image. Then we pxe boot into FOG and capture our reference image into FOG. We build the reference image completely using Microsoft MDT. This way we get a consistent reference image each time we need to rebuild the reference image.

    From that point we pxe boot the target computers and then deploy the FOG captured image. After FOG completes and the target computer reboots, windows OOBE takes over and completes the installation without any human interactions. At the end the computer is ready to move to the work site.



  • hi guys.

    No I cant do sysprep as have no acces to windows at the and of installatio. Company policy .

    I just looking for the way to put random SID in to each clone while cloning.

    Going crazy about as im doing quite big number weekly, for now I can only do half-way installation clone, etc, copy all windows files etc, and stoping before first boot to windows.

    any idea guys? what about snapins?.

    try as well acronis but he asking for password


  • Moderator

    @digi newsid was retired for a reason. The creator posted a massive post about it, read up if you have time its a good read. x23 posted a piece of it below, I recommend reading it in full.

    But, for reasons that the creator of newSid listed himself, I’d recommend against using it. Just use sysprep instead if you need SIDs to be unique.



  • we have to use xp on this machines. also before win xp we load special software. seems newsid a solution for me now. As most of lads dont know how to use cmd :D



  • Hi,

    if you don’t want to generalize (sysprep) use NewSID but it’s retired:
    https://technet.microsoft.com/en-us/sysinternals/newsid.aspx

    Can still be downloaded for example here:
    https://blog.brankovucinec.com/downloads/newsid/

    Why the hell do you still use Windows XP? :)

    Before you start read THIS:
    https://blogs.technet.microsoft.com/markrussinovich/2009/11/03/the-machine-sid-duplication-myth-and-why-sysprep-matters/

    A little quote from the link:

    The reason that I began considering NewSID for retirement is that, although people generally reported success with it on Windows Vista, >I hadn’t fully tested it myself and I got occasional reports that some Windows component would fail after NewSID was used. When I set >out to look into the reports I took a step back to understand how duplicate SIDs could cause problems, a belief that I had taken on faith >like everyone else. The more I thought about it, the more I became convinced that machine SID duplication – having multiple computers >with the same machine SID – doesn’t pose any problem, security or otherwise. I took my conclusion to the Windows security and >deployment teams and no one could come up with a scenario where two systems with the same machine SID, whether in a Workgroup >or a Domain, would cause an issue. At that point the decision to retire NewSID became obvious.

    Good luck

    Regards X23


  • Senior Developer

    If you sysprep the images first, the sid would always be generic. Just a thought.


Log in to reply
 

431
Online

38953
Users

10704
Topics

101563
Posts

Looks like your connection to FOG Project was lost, please wait while we try to reconnect.