So, what can a program that can modify the SIDs in NTUSER.DAT do?

Nicolas Lopez at
Thu Oct 31 19:06:00 GMT 2002

On Fri, Nov 01, 2002 at 04:39:03AM +1030, Richard Sharpe wrote:
> On Thu, 31 Oct 2002, Andy Thomas wrote:
> What I envision is something like:
>   profiles -c S-1-5-21-x-y-z-oldrid -n S-1-5-21-x-y-z-newrid <profiles>
> which would walk the SEC DESCs, find all the SIDs and change them.
  That is useful, but could it me more useful? Is there any reason a similar
approach couldn't be taken with the system hive instead of a user hive for
the purpose to changing workstation SIDs after cloning? I'm thinking there
would be a few settings that would also have to be changed but having
something like this would seem to be of great help to lazy admin's suck as
myself who don't want to talk around to 60 systems and wait for 3-4 reboots
after every reclone.
  I'm aware of ghost walker, but I'd rather not try to script it in a batch
file. Bash is so much easier to work with.

> The remaining problem however, may be SIDs burried in other entries in the 
> NTUSER.DAT. This can be solved, however, by walking all the entries in the 
> registry and changing all the SIDS.
  Yeah, something like that.

  - Nick Lopez
    kimo_sabe at
IIRC, the beep made by the original IBM PC was musically somewhere between
C Sharp and D.
Guess that's why the sound was so obnoxious. C# minda makes sense now, eh!
 - Dr Caleb on /.

More information about the samba-technical mailing list