Cloning SID and domain membership + security

Hi all, I am considering installing a dual boot W2K/WXP system on my laptop. I have an existing accounts configuration and domain membership that I would like to keep. My only possibility so far would be to clone my system partition with ghost and upgrade the cloned partition.

Everything New Technology 1823 This topic was started by ,


data/avatar/default/avatar05.webp

4 Posts
Location -
Joined 2005-03-04
Hi all,
I am considering installing a dual boot W2K/WXP system on my laptop. I have an existing accounts configuration and domain membership that I would like to keep. My only possibility so far would be to clone my system partition with ghost and upgrade the cloned partition. However, I do not consider this option as I have many installed applications. Also, I don't want to create a second machine account on the domain...
Is there anyway to clone or restore after installation the domain membership/accounts ? I know how to restore the system ID using "newsid" from sysinternals ( http://www.sysinternals.com/ntw2k/source/newsid.shtml) but that's not enough to clone my domain membership and security accounts settings.
Thanks for your help.
 
GSA
 

Participate on our website and join the conversation

You have already an account on our website? Use the link below to login.
Login
Create a new user account. Registration is free and takes only a few seconds.
Register
This topic is archived. New comments cannot be posted and votes cannot be cast.

Responses to this topic


data/avatar/default/avatar04.webp

352 Posts
Location -
Joined 2003-03-28
Doesn't xp have a migration wizard tool? On the actual XP cd itself?

data/avatar/default/avatar05.webp

4 Posts
Location -
Joined 2005-03-04
OP
Thanks for your reply.
Unfortunately, it is not that simple. The XP migration wizard is only there to transfer "simple" user parameters and preferences. It will not clone your SID nor your domain membership etc..
My question is still open.
 
GS
 

data/avatar/default/avatar39.webp

25 Posts
Location -
Joined 2002-02-28
I'm not certain I follow you but, when you back up a system and restore it without using sysprep or any other utilities to wipe the SID fom the system, the restored machine should hold it's SID just fine.
 
I assume you intend to:
1. Ghost backup the system
2. Put 2 partitions on te drive
3. Restore the ghost image to one of the partitions
4. Install the new OS on the second partition
5. Have a switching mechanism at startup
 
Correct?
The image restored in step 3 holds the same SID as the one backed up in 1. Also, all user/group accounts on the machine would NOT be affected by any SID wiping utilities... only the machine account itself.
 
The new OS will get it's own SID and there's nothing you can do to "copy" the SID to it that I'm aware of... especially if it's a different OS since OS determines how the SID is structured.

data/avatar/default/avatar39.webp

25 Posts
Location -
Joined 2002-02-28
Upon further review...
 
You want 1 machine account... if you:
1 backup the system (2K I assume)
2 add a partition
3 restore the image to the second partition
4 upgrade the first partition from 2K to XP
 
That might do the trick you want... you would have to clean up the restored image well before upgrading it but, you have a backup so there's more room for error.
 
This should maintain the same SID and a single domain account unless the SID changes due to OS differances... I'm pretty certain that a SID in part IDs the OS installed. In an upgrade that may not be true.

data/avatar/default/avatar05.webp

4 Posts
Location -
Joined 2005-03-04
OP
Upgrading is what I want to avoid for evident reasons, I tried it already this way and it works but I have no way to really clean up corrctly W2K and upgrade it to some clean XP... I already tried but it's all messed up after that, my XP doesn't work so well.
I'd like to track down the necessary SAM information to replicate the SID and accounts IDs from one OS to the other to have the two OSs appearing to be the exact same machine (except from the OS version).
 
GS
 

data/avatar/default/avatar30.webp

125 Posts
Location -
Joined 2002-03-26
Why would you want to do this? Just make 2 computer accounts in the domain.
 
Also, the machine account's password is changed periodically so eventually, even if you get this working it will break when the password is changed from one OS and then you boot up in the other OS. You can disable this password changing, but that nullifies some of the security of having the PC in the domain in the first place.