Windows 2000
-
Hi Folks, I've got a question for any Win2K gurus out there. Recently I spoke to someone about disk cloning (using Norton Ghost for example). He told me that there are security problems with disk cloning, and that it is NOT a good idea. Something about "SID's"? :confused: Matt ------ Accept that some days you are the pigeon and some days the statue.
-
Hi Folks, I've got a question for any Win2K gurus out there. Recently I spoke to someone about disk cloning (using Norton Ghost for example). He told me that there are security problems with disk cloning, and that it is NOT a good idea. Something about "SID's"? :confused: Matt ------ Accept that some days you are the pigeon and some days the statue.
I think this may have something to do with issues caused by duplicate SID's in an Active Directory clusters though I am not positive on this. I use Ghost all the time at work though we are not yet on a Windows 2000 domain (it is still NT) until next year. Have a look at NewSID from Sysinternals, this allows you to change a machines SID afetr Ghosting. I also believe that Ghost and other disk duplicating software allow you to change the SID upon Ghosting if you use the right switches. Michael Martin Pegasystems Pty Ltd Australia martm@pegasystems.com +61 413-004-018 "Don't belong. Never join. Think for yourself. Peace" - Victor Stone
-
Hi Folks, I've got a question for any Win2K gurus out there. Recently I spoke to someone about disk cloning (using Norton Ghost for example). He told me that there are security problems with disk cloning, and that it is NOT a good idea. Something about "SID's"? :confused: Matt ------ Accept that some days you are the pigeon and some days the statue.
All new cloning tools that I know, handle the SID-stuff perfectly :-) There was problems with some older versions, but the last time I saw those problems was a couple of years ago... - Anders Money talks, but all mine ever says is "Goodbye!"
-
I think this may have something to do with issues caused by duplicate SID's in an Active Directory clusters though I am not positive on this. I use Ghost all the time at work though we are not yet on a Windows 2000 domain (it is still NT) until next year. Have a look at NewSID from Sysinternals, this allows you to change a machines SID afetr Ghosting. I also believe that Ghost and other disk duplicating software allow you to change the SID upon Ghosting if you use the right switches. Michael Martin Pegasystems Pty Ltd Australia martm@pegasystems.com +61 413-004-018 "Don't belong. Never join. Think for yourself. Peace" - Victor Stone
-
What happens if you have duplicate SID's in Active Directory? Matt ------ Accept that some days you are the pigeon and some days the statue.
Matt don't really know, when head office in Cambridge MA, decide to move us to a Windows 2000 Active Directory Domain I may understand the issues but not at the moment. Michael Martin Pegasystems Pty Ltd Australia martm@pegasystems.com +61 413-004-018 "Don't belong. Never join. Think for yourself. Peace" - Victor Stone
-
Hi Folks, I've got a question for any Win2K gurus out there. Recently I spoke to someone about disk cloning (using Norton Ghost for example). He told me that there are security problems with disk cloning, and that it is NOT a good idea. Something about "SID's"? :confused: Matt ------ Accept that some days you are the pigeon and some days the statue.
Hi! MS has tool addressed for this issue. It's called SysPrep. It is the part of the W2K distribution, and add-on for NT. Here is the abstract from the TechNet article "A Blueprint for Building Web Sites...". BTW, searching TechNet for the keyword "sysprep" I've found 188 issues. This is the first one. Regards, Gennady ------------------------------------------- SysPrep (Windows 2000) SysPrep is a tool (available in the Windows 2000 Resource Kit) designed to deploy fully installed Windows 2000 installations on multiple machines. After performing the initial setup steps on a single system, administrators can run SysPrep to prepare the sample machine for duplication. Web servers of a site farm are normally based on the same image with minor configuration differences like name and IP addresses. Additionally, the combination of SysPrep and a winnt.sif answer file provide the tools for making the minor configuration necessary for each respective machine. ----------------------------------------------