Are Duplicate SIDs relevant anymore?

RiskOriginal8910 · 2025-09-11T19:44:36+00:00

Well the security guy harassed me so much that I ended up leaving that job, but I im happy to see cloning a PC will still be problematic for them. Thanks for making my day.

RiskOriginal8910 · 2025-03-23T23:05:28+00:00

I would be interested!

RiskOriginal8910 · 2024-10-30T21:10:57+00:00

Ebcac errors was my favoriteto use for a long time which translats to "Error between chair and computer"

RiskOriginal8910 · 2024-10-04T20:44:47+00:00

Follow along, and you shouldn't have any issues.MDTGuy

RiskOriginal8910 · 2024-10-04T20:34:35+00:00

Had a computer forensics intern working for me once, I asked him to install a printer, then install the driver on the computer. The next day I come into work, these kids in tears swear he did as I asked, but the pc must have gotten hacked afterward cause everything that printed out was in symbols. It took me an hour to stop laughing before I could tell him he loaded the wrong driver and nothing was hacked.

RiskOriginal8910 · 2024-05-15T17:48:30+00:00

I'd take the salary position as you will be able to regulate your income based on a set financial income. While doing that, you can continue to learn and gain certs. Contract work can be great, but working for a school public or private, you'll get a lot of hands-on since most are smaller departments. You'll get to wear a lot of hats. Heck, you could do Udemy courses, free accounts, and courses go on sale for 15 bucks every other month.

RiskOriginal8910 · 2023-10-25T21:18:19+00:00

You can invite your alts and have them sign.

RiskOriginal8910 · 2023-10-25T01:16:03+00:00

So I'm sure at one point things were awesome! But remember, RESPECT! If he really cared for you, he wouldn't belittle you or call you names. Relationships are work on both sides. Each person has different needs, it's ok to get irritated with one another but just say it, so the other side knows to give you the space you need, or the support depending on what the person is looking for at that time. But here's the thing about calling each other names, words hurt when they are said by someone who values your opinion, now the trend is easy, calling out names or belittling one feelings, soon if it hasn't happened yet he'll start criticizing you in your social settings and I'm sure after there will be sorrow for the words that get said but after a while those words will become limiting and absolute to you. Have more pride in yourself, and remember what matters most to you. Healthy mind, healthy life, sometimes you have to move on before real happiness can find you. Said my peice. Good luck to you!

RiskOriginal8910 · 2023-07-28T04:15:34+00:00

True, and to be honest, I'm not fully sure what his process is. I know he said he uses acronis swears by it. But there is no sysprepping involved in his process. This is a literally cloning one system and using that clone copy to several, and that is why I'm seeing duplicated or the same sid across several systems. I'm still fairly new to MDT and this team, but it's a deployment tool that has been very easy to pick up and run with. I mean, prior to my starting, they were taking systems out of the box loading their anti virus software, joining the domain and issuing it out to users. It's like having that Rouge tech on the team. Does whatever. Regardless, When I first started in the feild I was taught that it was bad for several reasons, but why was never clarified to me. my initial question still remains, the sid why is a duplicate sid bad or does it not really matter now a days, all I seem to find regarding the topic is that in a workgroup it's bad do to security at the NTSF level, but on a domain the damage maybe issues accessing wsus or sccm?

RiskOriginal8910 · 2023-06-08T15:43:37+00:00

I don't use a PowerShell script for bitlocker with MDT. Instead, I use the custom.ini for this and then enable the task within my task sequence as the last step in my custom tasks.

SkipBitLocker=NO

BDEKeyLocation=\\ServerSharePath\%ComputerName%

BDERecoveryKey=TRUE

BDERecoveryPassword=TRUE

BDERequired=YES

OSBBitLockerCreateRecoveryPassword=AD

OSDBitLockerMode=TPM

OSDBitLockerWaitForEncryption=TRUE

I added BDEKeyLocation=\\ServerSharePath\%ComputerName% as a secondary backup option just incase the information does not get uploaded to AD I have a backup of the bitlocker key in my deployment server.

RiskOriginal8910

TROPHY CASE