According to Mark Russinovich, and I may be wrong, but I also remember that this was an issue some 10 years ago....
What we did, back then, when we 'imaged' a new hard drive, or workstation/laptop, the image had the SID from the original image, so there was a way to run a Sysinternals utility that created a new SID. (If I remember, the utility was called NEWSID.)

But Mark Russinovich put out an article that stated that if you created an 'image' BEFORE you attached the original image to the domain, after you imaged the system and then added that computer to the domain a new SID would be created for that computer. The original SID was done away with and the new SID would be used.

So, if you have a computer, using your example, called Testuser1, you would need to remove it from the old domain, and then rejoin it to the new domain. No need to regen a new SID since joining it to the new domain would automatically reset the SID, anyway.

Now, if you don't have access to the old domain, the local Admin account can remove the computer from the domain. Once that is done, you can then add the computer back to the new domain and the new SID will be in place.

If I were you, I would read up on some of Mark's articles on this subject before you start removing/deleting SIDs. In all likelihood, you may find that you probably won't need to delete anything at all.

Daniel

On Wed, May 4, 2016 at 10:03 AM, Kevin Ray <kevinalive...@gmail.com> wrote:

> Hi All,
>
> Here is my scenario
>
> Machine : Computer1
>
> User : Testuser1
>
> Computer1 has 2 SIDs stored which are related to Testuser1.
>
> Like Testuser1 with OLD domain SID and
> Testuser1 with OLD domain SID
>
> So now looking for a specific script
>
> 1. which will compare if the machine has duplicate user SIDs. It
> should compare and remove/delete the old domain SID
>
> OR
>
> I know the specific old domain SID ID... if we can specify the SID it
> should check and delete the SID

--
Daniel Rodriguez
drod...@gmail.com