Hot Shot
Hot Shot

SID changer before or after Windows Update?

I've been making a habit of putting one role per one Windows Server vm because vCenter makes it so easy to clone.

Although cloning servers without changing the sid isn't the end of the world, I do take advantage of the SID changer that is slipstreamed into the clone process.

When the vm is powered on, it will restart a couple of times on its own until its netbios name has been changed.

Can I do this on a "golden image" with Windows Updates already applied? They are getting quite long and montrous now.

A new install of 2012R2 wants about 1Gb of updates from Windows Update.




Tags (2)
0 Kudos
2 Replies


The problem with SID is not windows updates, but duplication within the Active Directory Domain. I usually create a virtual machine, run all the updates and then transform it into a template. When I have to create a new server I "create a new virtual machine for this template" and then I apply a "customization" which also performs the SID change, so in 10/15 minutes I have a Servers ready and updated. When the Microsoft updates (the second Tuesday of each month) come out, I reconvert the template into vm, apply the updates and reconvert it into a template. Ready to create new updated Servers.

Having said that I suggest you to change the SID immediately and not wait to update the vm leaving the duplicate SID.


Blog: https://www.aleadmin.it/
0 Kudos

SID duplication problem is not related to the windows update. When you join the system to a domain, they will be registered with their Security Identifier (SID) in the Active Directory Database, So the duplicate of them will be root of many future problems.

Create your required VM first. Before joining to the AD, update it successfully (Security / Critical are more important parts) and install what you required and then Sysprep it (generalized / OOBE). At last convert it to a Template. So every VM of you need, create a new VM from this one.

Please mark my comment as the Correct Answer if this solution resolved your problem
0 Kudos