It is not uncommon for system administrators to clone virtual servers or take an image of physical servers running Windows Server 2008 these days. There are plenty of tools to do that these days (Ghost, Acronis, Platespin for P2V conversions, etc.) If this is something you do regularly then you won’t be unfamiliar with Sysprep or NewSID, but according to Mark Russinovich at Microsoft, the SID doesn’t matter and Sysinternals have now retired NewSID (written by Mark). NewSID isn’t supported in Windows Server 2008 and the only option now is to use Sysprep. Whilst the facts presented on Mark’s blog are correct, I have personally seen many issues cloning or imaging Windows Server 2008 machines that haven’t been cloned with Sysprep first. Let me present a typical scenario that would cause problems here.Scenario:
1) Build a Windows Server 2008 R2 server, apply patches and various tweaks.
2) Shutdown the server and take an image (or clone it to a virtual machine template). Note: I haven’t used Sysprep!
3) Deploy two new servers from the image or template. Promote one to a domain controller and add the other one to the domain as a member server.
2) Shutdown the server and take an image (or clone it to a virtual machine template). Note: I haven’t used Sysprep!
3) Deploy two new servers from the image or template. Promote one to a domain controller and add the other one to the domain as a member server.
In this scenario the first problem I would encounter is that any domain users that are a member of Domain Admins will not have the appropriate permissions to access PowerShell or Computer Management. The default Administrator account would work fine. Secondly, if I try and ping the domain controller I would get the following error:
C:\Users\User1>ping LAB-DC01
Unable to contact IP driver. General failure.
So the SID really does matter. Prior to taking your clone or image, just remember to use Sysprep as follows:
1) Run Sysprep (on Windows Server 2008 this is located in c:\Windows\System32\Sysprep\Sysprep.exe)
2) Ensure ‘System Out-of-Box Experience (OOBE)’ is selected
3) Tick the ‘Generalize’ option (this resets the SID)
4) Select ‘Shutdown’ from the Shutdown Options.
5) Once the machine has shutdown, take your image and you are good to go!
2) Ensure ‘System Out-of-Box Experience (OOBE)’ is selected
3) Tick the ‘Generalize’ option (this resets the SID)
4) Select ‘Shutdown’ from the Shutdown Options.
5) Once the machine has shutdown, take your image and you are good to go!
No comments:
Post a Comment