While preparing virtual environment, including Domain controller and other VMs joining DC VM. I chose a quicker way by using same base VM to be used to create other VMs.
Everything went OK with domain controller VM, until i received first shock during SQL installation process. When i entered dedicated SQL domain account i have created to configure SQL services, following is the error i received:
No mapping between account name and security SIDs was done
and then i tried few more times entering credentials again, until i started googling about the error, but it didn't work.
As per Technet and other reliable sources, i figured out that problem is with security identifies SID between VMs. And for those wondering about what the hell is SID, because i was doing the same when i first came across this issue :), following is what i found about SID:
“Every Domain has a unique Domain SID that’s the machine SID of the system that became the Domain’s first DC, and all machine SIDs for the Domain’s DCs match the Domain SID. So in some sense, that’s a case where machine SIDs do get referenced by other computers. That means that Domain member computers cannot have the same machine SID as that of the DCs and therefore Domain.”
Now the challenge was to verify this information, i.e. to check if both VMs have got same SID, and how to rectify this issue.
In order to check the SID of your VM, download this handy tool PsGetSID available on technet. From command prompt, run this tool and you will get the SID of your VM. Run the tool on both machines, and verify if both machines have got the same SID.
For me, SID was same in both VMs, and in this case the good news is that there is solution to fix it other than creating VM form scratch - feeling better :) You need to run the SysPrep tool to get things fix, following are the steps;
1. go to c:\windows32\system32\sysprep folder, and run the tool sysprep
2. Once the dialog box will pop up, select the following configuration and click OK.
3. It will take a while to process and create a new SID, and it will restart your system.
Once finished, you can then run the same previous tool PsGetSid to verify if your VM has got a new SID now, and try using domain account again and hopefully this time it will work for you without any issue.