Tuesday, November 3, 2009

Security ID: NewSID is Retired?!

Mark Russinovich had this interesting blog article. He retired the NewSID utility.

If you didn't know, the NewSID utility was part of the Sysinternals suite of free Windows tools and was used to change the Security ID used on Windows NT based systems. The article explains more, but basically the SID identified certain accounts on the computer (the names associated with them are a friendly format for people to read, the SID was the machine version that actually mattered, similar to the userid in Unix systems mapping 0 to Root; anyone with userid 0 was considered Root).

Mark is a guru in the Windows world; he wrote NewSID, so when he posts his explanation that basically the SID is useless and doesn't need to be changed then questioning him is like questioning the Bible. It just isn't done.

The weird part is that I've had systems at work that acted very very strange on the Active Directory domain if it had a SID that matched another machine. Use NewSID, and suddenly issues went away. Coincidence?

Hmm...

No comments:

Post a Comment