I've been setting up a test network using Virtual Server, creating a base Windows 2003 template image and then using differencing disks to customize the individual machines. This creates an interesting problem in that the SID is identical on each machine, meaning when you log into the domain you're likely to receive the following error:
The name or security ID (SID) of the domain specified is inconsistent with the trust information for that domain.
The standard way to prepare an image for cloning and remove all uniquely identifying information is of course to use Sysprep. If like me that suggestion has come a touch late and reinstalling via Sysprep is slight overkill, then you can use the handy NewSID utility from http://www.sysinternals.com. This will allow you to reset the SID of the machine to either a randomly generated or manually selected value.
Note: You should remove the computer from the domain before changing its SID, since the machine account will be invalidated by the process. Once the new SID has been applied you should be able to rejoin the machine to the domain.
I've quickly listed the basic stages of the process here.
First, run the newsid.exe program. As the dialogue box above suggests, you should back up any valuable data from this machine before continuing in case something goes wrong.
Choose the SID you want; a randomly generated SID will probably be fine for your needs, but as shown you can copy one from another machine or manually specify one should you wish.
NewSID provides the option to rename the machine at the same time, which is useful if you're running it on a cloned template image.
Confirm the changes.
Don't turn off the computer while it is updating the SID; doing so is likely to leave it in an unstable state. Once it has completed and rebooted, you should be able to join the machine to the domain with no SID conflict issues.
Thanks for posting this -- very helpful
Exactly my problem, bless you sir!