“Duplicate SID” When Joining Active Directory Domain

I’ve been doing some fairly large-scale labbing at work recently and came across a problem I’ve somehow dodged until now. I’d created a fully patched Windows Server 2012 R2 VM with a few things installed and configured, then converted it to a template. The plan was to use this template to deploy an entire lab. Windows threw a little problem into the equation.

My first Active Directory Domain Controller was deployed with no issue. Adding the second failed with this error:

The domain join cannot be completed because the SID of the domain you attempted to join was identical to the SID of this machine.

Oops.

Every user, group and computer in Active Directory has a unique and non-recyclable Security ID (SID). Cloning the virtual machine from a template doesn’t change the SID. The fix is simple with sysprep and almost entirely automated in Windows 7, Vista, 8, 2008 and 2012. Earlier operating systems will need to download sysprep.

Provided you’re not working with an OS from 2001, you can find sysprep in the following directory:

C:\Windows\System32\Sysprep\sysprep.exe

Run this with the following options

The OS will do its thing, then reboot automatically before asking you to confirm a few things.

At this stage network settings will have been reset. Once the network is reconfigured the VM is ready to be joined to the Active Directory domain.
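A pre-join check for the duplicate-SID condition described above, as an added example that is not part of the original post: it derives the machine SID from a local account and compares it with the domain SID. The function names are hypothetical, the SIDs in the demo calls are constructed, and the domain SID is assumed to have been read on the existing domain controller with `(Get-ADDomain).DomainSID.Value`.

```powershell
# Added example: check a cloned VM for a duplicate SID before a domain join.
# Function names are hypothetical; they are not part of Windows or sysprep.

function Get-MachineSid {
    # A local account SID is the machine SID followed by a relative ID (RID),
    # so the domain portion of any local account SID is the machine SID.
    $account = Get-WmiObject -Class Win32_UserAccount -Filter "LocalAccount=True" |
        Select-Object -First 1
    if (-not $account) {
        throw "No local accounts found. Run this on the VM before it is joined."
    }
    $sid = New-Object System.Security.Principal.SecurityIdentifier($account.SID)
    return $sid.AccountDomainSid.Value
}

function Test-SidCollision {
    param(
        # Domain SID, assumed to be copied from (Get-ADDomain).DomainSID.Value on the DC.
        [Parameter(Mandatory = $true)][string]$DomainSid,
        # Defaults to this machine's SID; pass a value to check SIDs collected elsewhere.
        [string]$MachineSid = (Get-MachineSid)
    )
    # Parsing through SecurityIdentifier rejects malformed input early.
    $domain  = New-Object System.Security.Principal.SecurityIdentifier($DomainSid)
    $machine = New-Object System.Security.Principal.SecurityIdentifier($MachineSid)
    [pscustomobject]@{
        MachineSid = $machine.Value
        DomainSid  = $domain.Value
        Collision  = ($machine.Value -eq $domain.Value)
    }
}

# Constructed SIDs for illustration only.
$domainSid = 'S-1-5-21-1111111111-2222222222-3333333333'   # domain built on the first clone
$freshSid  = 'S-1-5-21-4444444444-5555555555-6666666666'   # clone after sysprep

# A clone that still carries the template's SID collides with the domain.
Test-SidCollision -DomainSid $domainSid -MachineSid $domainSid

# A clone with a regenerated SID does not.
Test-SidCollision -DomainSid $domainSid -MachineSid $freshSid

# On the cloned VM itself, omit -MachineSid to check the local machine:
# Test-SidCollision -DomainSid $domainSid
```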
