If you’ve been working with Windows Server based networks for a long time, you probably take it as a given that you shouldn’t have two computers with the same Security Identifier (machine SID). The SID is the unique numeric identifier by which security principals – users, groups and machines – are designated. If you deploy Windows using image files, some deployment tools don’t generate a new SID and you end up with duplicates. One way to fix that has been to use the Sysinternals tool called NewSID to change it. Last November, however, the utility was retired. In this article, Mark Russinovich explains how the SID works and why duplicate SIDs – in most cases – don’t present a problem. There is, however, one exception to that rule. Find out when and why it matters in Mark’s excellent blog post, The Machine SID Duplication Myth:
About The Author
Debra Littlejohn Shinder is a technology and security analyst and author specializing in identity, security and cybercrime, utilizing her past experience as a police officer and police academy/criminal justice instructor. She has written numerous books and articles for web and print publications and has been awarded the Microsoft MVP designation for fourteen years in a row.