Networknet.nl

Today I configured new VMWare team and installed one domain controller and one other server as file server. I used my masterbuild server image of Win2k3 EE R2 and both images run the sysprep.exe routine. After the dc was setup to run AD and DNS I joined the second guest machine on the domain. The domain join on the second machine worked fine.

I reboot and tried to logon with a domain account and than with the domain admin. Both accounts generated the Logon Message below.

The system cannot log you on due the following error:

The name or security ID (SID) of the domain specified is inconsistent with the trust information for that domain.

Please try again or consult your system administrator.

I logged on with the local administrator account and saw the event id 5516 Netlogon error as shown below.

For some reason the sysprep did not work from my masterbuild and both virtual guest machines have the same SID id.

To verify both sid’s you can go and download the psgetsid.exe from Microsoft website.

http://www.microsoft.com/technet/sysinternals/utilities/psgetsid.mspx

I downloaded the pstools.zip from Microsoft website and run psgetsid.exe \\fs-001-cert and psgetsid.exe \\dc-001-cert. As shown below both match.

To quickly resolve this issue is to run the NewSid.exe tool and generate new SID for this computer account.

This tool is available at: http://www.microsoft.com/technet/sysinternals/Utilities/NewSid.mspx

Run the tool and generate new sid for you guest machine.

Next

Next

Click Next and reboot the machine.

Logon on the system with the local administrator account and join to the workgroup. Reboot the guest and rejoin to the domain.

If these steps are not executed than domain membership connectivity will fail!

After the reboot I was successfully being able to logon as my test user “Finance Manager”.