NewSid

Just set up my fisrt FOG server and used it in anger :-), but just had a thought, is there anyway in FOG or using an addin to auto NewSid the PC after the image completes rather than having to manually go to each one and run NewSid?

Only thing I can think of which is most likely not an elegant way is before you create the image of the machine is to make a vbscript that launches new sid to give the machine a new sid and after its been launched pause for long enough to allow new sid to apply its settings and then delete the startup registry key and new sid

Quote:

---

Originally Posted by mac_shinobi

Only thing I can think of which is most likely not an elegant way is before you create the image of the machine is to make a vbscript that launches new sid to give the machine a new sid and after its been launched pause for long enough to allow new sid to apply its settings and then delete the startup registry key and new sid

---

Yep, just how we do it :D

And it is quite elegant, as the VB script deletes it's self and then you have a new SID and of course FOG takes care of the renaming (although new sid does remain on the machine)

Quote:

---

Originally Posted by Paul_L

Yep, just how we do it :D

And it is quite elegant, as the VB script deletes it's self and then you have a new SID and of course FOG takes care of the renaming (although new sid does remain on the machine)

---

You could get the vbscript assuming the path is always the same get it to delete newsid.exe first, then delete the registry startup / run key so it does not keep looking for the newsid.exe and then delete itself

You should use sysprep.

We use sysprep :)

You should be syspreping your machines before taking the image.

If you need a guide read this and watch the step by step video tutorial.

Hey guys.
Im kind of a noob at fog, and Im trying to ditch sysprep, ad it is causing myself and fellow ITs a headache. We would like to implement NewSid into the image. However, FOG seems to do an auto-reboot just before joining the domain, and we would like to use NewSid before it joins the domain. (It boots to desktop, then shutdown immediately). When we image labs, we dont wish to have 30 or so of the same SIDs on the domain. Unfortunately the time on the desktop is about 10 seconds before it reboots again. How would I fix this? I am thinking of de-selecting the Active Directory function on the hosts in FOG, then, before the machine joins the domain, run NewSid, purge newsid, then join the Domain. Is this the best solution?

Quote:

---

Originally Posted by Paul_L

Yep, just how we do it :D

And it is quite elegant, as the VB script deletes it's self and then you have a new SID and of course FOG takes care of the renaming (although new sid does remain on the machine)

---

Any chance of a copy of that script?

Quote:

---

Originally Posted by TechSupp

Any chance of a copy of that script?

---

Here it is:

Paul_L accidently ran the script instead of opening it (so it deleted itself).

If you have the FOG Client installed you will also need a second script that copies the .vbs file into startup.

Firstboot.bat

Code:

---

copy C:\newsid\newsid.vbs "C:\Documents and Settings\All Users\Start Menu\Programs\Startup\newsid.vbs"
del "C:\Documents and Settings\All Users\Start Menu\Programs\Startup\firstboot.bat"

---

Place that it startup, then shut the machine down and image it.

you need to make a folder on C called "newsid" and place newsid.vbs in there.

newsid.vbs

Code:

---

Set objFSO = CreateObject("Scripting.FileSystemObject")
strScript = Wscript.ScriptFullName
objFSO.DeleteFile(strScript)

Set objShell = CreateObject("Wscript.Shell")
objShell.Run "C:\newsid\newsid.exe /a"

---

On the first boot the FOG client will rename the machine (cant put it on the domain tho, cause the sid wont be set), and firstboot.bat will place the newsid script into startup. When FOG reboots the machine it will then run newsid and reboot itself.

I am looking into making it join a domain aswell

Sysprep doesn't just regenerate the SID... other funky stuff goes on in the background too.

It's certainly no hardship to run Sysprep (once you remember to specify the right options :rolleyes: ). I keep a folder in a share so that I can just copy it straight to c:\ and run sysprep using the same sysprep.inf for all my builds. Simples!

I agree, sysprep is the best way to do it.

I may be being a little dense here but I always thought Sysprep was just so that an image can be passed to a machine with a different hardware setup?

How can this replace NewSID and apply a new SID to each rebuilt PC?

Quote:

---

Originally Posted by Jed

I may be being a little dense here but I always thought Sysprep was just so that an image can be passed to a machine with a different hardware setup?

How can this replace NewSID and apply a new SID to each rebuilt PC?

---

Sysprep can be used to add additional drivers and the like but its basic function removes all the security identifies and takes it back to the state that the machine would have been in if you had just unpacked it.

Using FOG, you can then rename it and join it to the domain without any interaction.

Personally, I don't do the whole driver thing with sysprep... I just use it to prepare machines to have their image taken. I'm happy having a separate image for each model of machine.

Hi Guys,

I've got sysprep workin now. Am I right in thinking that instead of using the -reboot switch (which I assume is for tesring) you remove that switch and allow sysprep to run on the first boot after deploying the image?

Cheers,

Jed