5

When I add new machines built with cloned drives to the network the fact that they have the same SID doesn't present any problems, except for WSUS, which shows only one instance of the clones, normally the last one added, rather than each instance. With newsid no longer being readily available how do others manage this? Alternatively, I'd be very grateful if someone who still has a copy of newsid can share it with me.

So far I've only done the cloning with Windows XP, so can't say yet if the same problem exists with later versions, although I'll be doing this with Windows 7 in a couple of weeks.

Before anyone asks why I don't use Microsoft's "approved" method of cloning, these machines have a lot of applications that need to be installed and configured correctly, which doesn't work properly, if at all, with sysdiff or sysprep. Despite the "official" statement that newsid never really worked, those of us who have used it know differently.

John Gardeniers
  • 27,262
  • 12
  • 53
  • 108

1 Answers1

2

The SID isn't the problem. Windows keeps a "Client ID" by which it identifies itself to WSUS. Your image has this ID, so all the machines made from it also have the same ID. The easiest fix is to delete the registry entry from the image itself, otherwise you just have to delete it from each computer the image is written to.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate will contain 2 or 4 entries:

SusClientId
SusClientIdValidation
 and optionally
PingID
AccountDomainSid

Delete the Sus prefixed entries. restart the Windows Update service if its a running computer.

Chris S
  • 77,337
  • 11
  • 120
  • 212
  • It would seem I jumped to the wrong conclusion. It's just that way back when I *did* have, and used, a copy of `newsid` I didn't have this issue. I'll add suitable entries to the script we use to connect the client machines to WSUS (no AD or GPO here). – John Gardeniers Jan 06 '13 at 08:56
  • Well there's more to the story, the SusClientId is based on the SID. If it doesn't match (eg you run `newsid`) then the client generates a new ClientId. So, you can see where it's easy to confuse them. – Chris S Jan 07 '13 at 15:54
  • Very helpful info, which does help me to understand how I arrived at the wrong conclusion. – John Gardeniers Jan 07 '13 at 22:52