I messed up during the setup of my VMware template, and now I have 15 production Server 2022 VMs all with the same machine SID. I've also encountered this issue with some Windows 11 VMs, but I've managed to use SIDCHG64.exe and/or SIDCHGL64 on them without problems since they're just client machines. I took a snapshot of my VeeamOne server (with the database hosted elsewhere) and ran the tool there, but it caused the Veeam reporting service to fail to start, so I reverted the changes. All other servers seem fine, so I'm wondering if it's better to leave things as they are or if I should take action now?
2 Answers
I haven't used SIDCHG64 myself, but I think the major issues with duplicate SIDs usually happen when you're using the template for domain controllers. Regardless, I'd recommend correcting your template to avoid future headaches.
Leaving the machine SIDs as they are could lead to serious trouble down the line. You don't want to create a ticking time bomb for someone else.
Just a heads up, SQL servers, Exchange Servers, and RDS Farms can't afford to have duplicate SIDs either. Only a file server might get away with it, but even that could be risky with NTLM disabled and fully switching to Kerberos.