New Question

Revision history [back]

click to hide/show revision 1
initial version

answered 2016-10-05 21:58:03 +0200

alexpilotti gravatar image

Russinovich wrote in this Microsoft blog post from 2009 most of what needs to be known around SIDs, debunking the myths around SID duplication:

https://blogs.technet.microsoft.com/markrussinovich/2009/11/03/the-machine-sid-duplication-myth-and-why-sysprep-matters/

Russinovich wrote in this Microsoft blog post from 2009 most of what needs to be known around SIDs, debunking the myths around SID duplication:

https://blogs.technet.microsoft.com/markrussinovich/2009/11/03/the-machine-sid-duplication-myth-and-why-sysprep-matters/

Limiting this discussion to technical standpoints and assuming that Microsoft support is not a requirement, here's what I'd recommend (caveat emptor: this is not a Microsoft endorsed opinion):

  1. Sysprep is not needed for imaging
  2. Sysprep is not needed for AD joining cloned instances
  3. Avoiding Sysprep does not have security implications for local or remote ACLs (except non particularly significant concerns for external storage connected to a host)
  4. the unique ID used by WSUS can be regenerated by deleting the following key before cloning: HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionWindowsUpdate
  5. being unsupported territory, excluding reverse engeneering, there's no way to determine what can break with every new Windows release, beside empirical observation (aka trial and error).
  6. IMHO the advantages given by skipping sysprep in a cloud environment (significantly faster boot times, to begin with), outweigh by far the disadvantages
© 2014-2023 Cloudbase Solutions Content on this site is licensed under a Creative Commons Attribution Share Alike 3.0 license.
about | faq | help | privacy policy | terms of service
Powered by Askbot version 0.10.2