SIDs in Windows VMs

Today sysinternals retired the NewSID tool from their suite of utilities. Mark Russinovich (one of the writers of NewSID – the other being Bryce Cogswell) explains in his blog how the decision to retire the utility came about and it's probably a surprise to many.

It has been a long held belief by man in IT that all Windows Servers and Desktops must have a unique SID. Certainly I recall having SID duplication issues back in the heady days of Windows NT but it's not something that I have encountered as an issue since. Like many I just assumed that Windows uses SIDs still and so they must be unique still. But, as Mark explains, the way that Windows operating systems use SIDs is not the way that most people think it is and it is ok to have machines with identical SIDs.

From a VM perspective this is good news as it means that cloning VMs just got a tad bit easier. Although deploying a Windows VM from a template will require customisation and the use of sysprep (there is more than just the SID changed by sysprep) the process will probably only get easier. I hope.

Read Mark's full blog post here.