Is there a way to achieve the same result with regular Windows deployment tools? Mark Russinovich hinted in his post deprecating NewSID that this may be the case, but if so this capability is not documented. However, SysInternals' NewSID utility was deprecated and retired way back in 2009, and does not work properly on modern Windows versions. In this case you want every Windows system you build to share the same machine SID. This scenario comes up, for instance, if you want to script-build your development system from fresh Windows installation media as if it were a Linux container. Even if the files and folders have ACLs with only predefined, non-machine-specific SIDs such as the builtin Administrators group, their owner is the creating local user, identified by the machine SID and user RID. The machine SID is not exposed over the network, and as such it usually does not matter what it is, but local users' security identifiers are based on the machine SID, and this can create problems when sharing user profiles and user-created files on NTFS volumes. Windows Setup assigns a unique machine SID to a Windows system at install time.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |