A big issue of Windows cloning is the duplication of the machine Security Identifier (aka SID). The SID represents all security principals on a computer (machines, domain computer accounts, users and groups). In the past simply duplicating a computer saw the SID copied to the other computer or in this case the virtual machine.

If you run sysprep, you don’t have to worry about it. However, the computing world being as it is there are always attempts to speed the process and avoid steps if possible.

One of these attempts was a nice little utility called NEWSID by Mark Russinovich. It was small, simple and it appeared to do the job. I admit to using it a couple times.

However, as with many things you learn later that it’s not the best thing to use. In this case, newsid starts having problems if you install applications and add them to your cloning process.  Mark Russinovich has a blog and a good entry about it so I won’t go into detail.

NEWSID was retired in 2009 and really shouldn’t be used anymore. Options are sysprep (expected by Microsoft) and third party (VMware SID generation).

I have used the cloning wizard of VMware and found it does generate a new SID. This was verified by using Mark’s program psgetsid. This is part of pstools and if you aren’t already using them, you should get them!

However, I am curious to how clean the VMware SID generation is and will go back and review some clones to make sure things are good.

Advertisements