Changing SID in Sysprep

sebbernard

I'm looking to change the SID since I captured the image of a PC, but Sysprep isn't working because of the AppX. And when I manage to make it work, when I boot the PC on a new one, the Microsoft cloud services don't work, that's why I'm making this request. I see the PnP Sysprep option, but what should I set it to if this function changes the SID? Thank you very much!
 
Captured install images should be generalized most of the time, to prevent the issue of duplicate SIDs.

Until recently, it didn't matter if you used the same non-generalized image on multiple PCs. But a security change in the Sep. 2025 (and later) Monthly Update now checks for duplicate SIDs. When a duplicate SID is detected, Windows will not allow file sharing or Remote Desktop with the other PC.

1. From the Registry screen, add this reg file to prevent UWP (Store) apps from updating, while you're in sysprep:
Code:
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsStore\WindowsUpdate]
"AutoDownload"=dword:00000002

2. Boot into audit mode. Apply your Windows customizations.

3. Generalize will unload (but not remove) all installed 3rd-party drivers. If you want the image to keep the same drivers loaded:
Code:
reg add HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\SysprepSettings\sppnp /v PersistAllDeviceInstalls /t REG_DWORD /d 1 /f

4. Run sysprep /generalize:
Code:
sysprep.exe /generalize /shutdown /oobe

5. Boot into WinPE or Recovery, and run your DISM capture. It's important you don't boot from a live system when you want to capture it.

The /generalize will remove the system's SID, and all user accounts (including any MS Account credentials).
 
Many errors with sysprep with the AppX store, something like that, need to fix many apps. Do you have a tool to fix that?
 
If you integrate the reg file into the install image, background updates for UWP (Store) apps are blocked for you.
 
Funny - attach the preset as nobody asked for this to test prevent SID changing.
 
Asking questions about a specific problem could often solve the problem by sharing your preset from the NTL folder without any personal information.
But seems Garlin already did that.
I do sysprep - but only for personal interest.
It's local but can be managed and every user has to update MS Store apps separately after install.
Which - btw - is minimum effort.
Thanks.
 
Funny timing… I ran into almost the same headache earlier this week. I handle IT for a small office here in Japan and after the latest Windows updates one machine suddenly couldn’t authenticate to a share anymore. Spent hours checking users, creds, firewall, all the usual suspects… no luck.

While digging around I noticed a few posts saying it might be SID-related in some cases. Someone in another forum mentioned wittytool disk clone has a built-in SID change feature, though I haven’t tried it myself yet. I also saw people just running sysprep to regenerate things. I’m probably gonna experiment with those and see if anything actually fixes it.
 
There's a "temporary" GPO which can be applied to block enforcement of duplicate SID checking for network access.
Found a easy fix for the KB5065426 update that broke WIN 11 network mapping.

MS hasn't committed to how long it will continue ignoring duplicated SIDs. I'd imagine for a while, but it's there so your organization can fix the existing PCs in a timely fashion.

If you wanted to block SID checking in an install image (same effect as the GPO):
Code:
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\FeatureManagement\Overrides\8\1517186191]
"EnabledState"=dword:00000001
"EnabledStateOptions"=dword:00000000
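
For finding which existing PCs were deployed from the same non-generalized image, here is an added example (not code from any poster in this thread) that groups machines by shared machine SID. It assumes you have already collected one `hostname,SID` row per PC, where the SID belongs to a local account; the function names and the sample rows are constructed for illustration.

```python
import re
from collections import defaultdict

# A local account SID is the machine SID plus a final RID:
#   S-1-5-21-<sub1>-<sub2>-<sub3>-<RID>
# Assumption: the rows hold LOCAL account SIDs. Domain account SIDs carry the
# domain's SID instead and would look like duplicates on every joined PC.
_ACCOUNT_SID = re.compile(r"^(S-1-5-21-\d+-\d+-\d+)-(\d+)$", re.IGNORECASE)

def machine_sid(local_account_sid):
    """Strip the RID from a local account SID; None if the value has another shape."""
    m = _ACCOUNT_SID.match(local_account_sid.strip())
    return m.group(1).upper() if m else None

def find_duplicates(inventory_lines):
    """Return ({machine SID: [hosts]} for SIDs seen on more than one host,
    [rows that could not be used])."""
    hosts_by_sid = defaultdict(set)
    rejected = []
    for line in inventory_lines:
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        host, _, sid = line.partition(",")
        base = machine_sid(sid)
        if not host.strip() or base is None:
            rejected.append(line)   # e.g. well-known SIDs such as S-1-5-18
            continue
        # Host names are case-insensitive; two accounts on one PC count once.
        hosts_by_sid[base].add(host.strip().upper())
    dupes = {s: sorted(h) for s, h in hosts_by_sid.items() if len(h) > 1}
    return dupes, rejected

# Constructed sample inventory (not real machines or SIDs).
SAMPLE = """\
# hostname,SID of a local account
PC-01,S-1-5-21-1111111111-2222222222-3333333333-500
PC-02,S-1-5-21-1111111111-2222222222-3333333333-1001
PC-03,S-1-5-21-4444444444-5555555555-6666666666-500
pc-01,S-1-5-21-1111111111-2222222222-3333333333-1001
PC-04,S-1-5-18
""".splitlines()

if __name__ == "__main__":
    dupes, rejected = find_duplicates(SAMPLE)
    for sid, hosts in dupes.items():
        print(f"{sid} shared by: {', '.join(hosts)}")
    for row in rejected:
        print(f"skipped (not a local account SID): {row}")
```

PCs reported as sharing a SID are the ones to re-image from a generalized capture.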
 