Forum Search:
Forum.Brain-Cluster.com: Brain Cluster Technical Forum
Ultimate forum for Technical Discussions

Home » Microsoft » Windows Server » Active Directory » Duplicate SIDs
Duplicate SIDs [message #159829] Mon, 10 August 2009 05:38 Go to next message
braveheuel  is currently offline braveheuel  Germany
Messages: 1
Registered: August 2009
Junior Member
Hello there,

I have a problem with a Windows Server 2008 Active Directory. I
migrated the Active Directory from a Windows 2000 Server. This worked
well, all users and groups were migrated.

But when I try to add a new user, an old one gets deleted. The event
viewer say, that there is a duplicate SID and the duplicate account
would be deleted.
That behavior is really anoying.

My question: Why does the server take an existing SID? Can I change
the next SID that would be taken for a new account?

Best regards,
Christoph Heuel
Re: Duplicate SIDs [message #159830 is a reply to message #159829] Mon, 10 August 2009 05:44 Go to previous messageGo to next message
meiweb(nospam)  is currently offline meiweb(nospam)  Germany
Messages: 1307
Registered: July 2009
Senior Member
Hello braveheuel,

See the reply in:
microsoft.public.adsi.general

and avoid multiposting, use crossposting instead with a newsreader like Outlook
express.

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm


> Hello there,
>
> I have a problem with a Windows Server 2008 Active Directory. I
> migrated the Active Directory from a Windows 2000 Server. This worked
> well, all users and groups were migrated.
>
> But when I try to add a new user, an old one gets deleted. The event
> viewer say, that there is a duplicate SID and the duplicate account
> would be deleted.
> That behavior is really anoying.
> My question: Why does the server take an existing SID? Can I change
> the next SID that would be taken for a new account?
>
> Best regards,
> Christoph Heuel
Re: Duplicate SIDs [message #159834 is a reply to message #159829] Mon, 10 August 2009 06:27 Go to previous message
pbbergs  is currently offline pbbergs  United States
Messages: 1024
Registered: July 2009
Senior Member
diagnostics against your Active Directory domain.

If you don't have the support tools installed, install them from your server
install disk.
d:\support\tools\setup.exe

Run dcdiag, netdiag and repadmin in verbose mode.
-> DCDIAG /V /C /D /E /s:yourdcname > c:\dcdiag.log
-> netdiag.exe /v > c:\netdiag.log (On each dc)
-> repadmin.exe /showrepl dc* /verbose /all /intersite > c:\repl.txt
-> ntfrsutl ds your_dc_name > c:\sysvol.log
-> dnslint /ad /s "ip address of your dc"

**Note: Using the /E switch in dcdiag will run diagnostics against ALL dc's
in the forest. If you have significant numbers of DC's this test could
generate significant detail and take a long time. You also want to take into
account slow links to dc's will also add to the testing time.

If you download a gui script I wrote it should be simple to set and run
(DCDiag and NetDiag). It also has the option to run individual tests without
having to learn all the switch options. The details will be output in
notepad text files that pop up automagically.

The script is located on my website at
http://www.pbbergs.com/windows/downloads.htm

Just select both dcdiag and netdiag make sure verbose is set. (Leave the
default settings for dcdiag as set when selected)

When complete search for fail, error and warning messages.

Description and download for dnslint
http://support.microsoft.com/kb/321045

--
Paul Bergson
MVP - Directory Services
MCTS, MCT, MCSE, MCSA, Security+, BS CSci
2008, 2003, 2000 (Early Achiever), NT4
Microsoft's Thrive IT Pro of the Month - June 2009

http://www.pbbergs.com

Please no e-mails, any questions should be posted in the NewsGroup This
posting is provided "AS IS" with no warranties, and confers no rights.

"braveheuel" <christoph.heuel@googlemail.com> wrote in message
news:3db6c58f-1128-4efb-8dac-a2fe82e855c7@p23g2000vbl.googlegroups.com...
> Hello there,
>
> I have a problem with a Windows Server 2008 Active Directory. I
> migrated the Active Directory from a Windows 2000 Server. This worked
> well, all users and groups were migrated.
>
> But when I try to add a new user, an old one gets deleted. The event
> viewer say, that there is a duplicate SID and the duplicate account
> would be deleted.
> That behavior is really anoying.
>
> My question: Why does the server take an existing SID? Can I change
> the next SID that would be taken for a new account?
>
> Best regards,
> Christoph Heuel
Previous Topic:Restrict User Creation - Administrators/DomainAdmins/EnterpriseAdmins
Next Topic:Do logon scripts get stored on the PC?
Goto Forum:
  


Current Time: Fri Jan 19 00:42:11 MST 2018

Total time taken to generate the page: 0.04120 seconds
.:: Contact :: Home ::Sitemap::.

Powered by: FUDforum 3.0.0RC2.
Copyright ©2001-2009 FUDforum Bulletin Board Software