146Updating Security Identifiers (SIDs) and computer names

Using Ghost Walker

It appears that the accessing user is given the rights that the accessed user has by proxy. For example, the access is performed on behalf of the accessing user by the accessed user, just because there is a user name/password match. This can best be seen when specific access rights are granted remotely by the accessing user to a resource on the accessed computer. The Access Control List shows that the accessed user is the user who has rights to the resource.

Updating the SID on a workstation does not stop this situation from occurring.

You must change the password of one of the users.

Using Ghost Walker

Ghost Walker lets you alter identification details of Windows 95, Windows 98, Windows Me, Windows NT, and Windows 2000/XP computers following a clone operation. Each Windows 95, 98, or Me computer can be assigned a unique name. Each Windows NT or 2000/XP computer can be assigned a unique computer name and a Machine Security Identifier (SID).

When you update the SID using Ghost Walker, all existing workstation users and their passwords, permissions, and registry settings are maintained.

Ghost Walker can be operated from the graphical user interface or from the command line. Ghost Walker does not run from:

A Windows NT or 2000 DOS shell

A Windows 95, 98, or Me DOS shell

The Ghost Walker window lists all bootable Windows 95, 98, Me, NT, XP, and 2000 systems on the computer hard drives. Ghost Walker determines that there is an installed operating system if a full set of registry hive files and the operating system kernel executable are located in their normal locations.

Ghost Walker lists the following operating system details:

Logical ID (system ID generated by Ghost Walker)

Drive number

Partition number

Volume label (partition name)

Partition file system type

Computer name

Operating system type, version, or build

Page 146
Image 146
Symantec 10024709 manual Using Ghost Walker