What is the risk of changing the SID of a Windows computer?

Rick May 21, 2010
Pinterest Stumbleupon Whatsapp

What is the risk of changing the SID of a Windows computer?

  1. Howell Lee
    May 24, 2010 at 7:17 pm

    One possible risk is applications that copy and use the SID in the registry for their operation may fail if you don't change the SID everywhere it exists in your registry. One example is WSUS (Windows Server Update Services)Again, see the article referenced above at http://blogs.technet.com/markrussinovich/archive/2009/11/03/3291024.aspx for more authoritative details. Using Microsoft's SysPrep to change the SID presumably changes all SID references that Microsoft knows about but because MS doesn't know what 3rd party apps are doing, changing the SID on a computer with applications installed entails a risk of an app failing.

  2. Steve Campbell
    May 22, 2010 at 9:16 pm

    Maybe this article will be of some use to you as well, pertaining to the reason for and how to accomplish this:


  3. Saikat Basu
    May 22, 2010 at 6:44 am

    Haven't ever done it myself, so won't be able to comment on the risks. But is your computer a standalone machine or is it a part of a workgroup? With the same SIDs in a workgroup, access permissions to specific computers could go for a toss. The best article on the subject happens to be from a Microsoft engineer. He does say that "neither he, or the windows security team could think of any situation where duplicate SIDs could cause any problems at all, against commonly accepted wisdom."There's also this Wiki on security identifiers.