The following is offered based on my experience to correct repeated SIDs across multiple PCs after using AOMEI images to deploy the OS. No warranty is offered or implied. Use at your own risk. There may be more efficient ways of doing this, but it is what I learned in a day of searching and trial and error for a solution we needed yesterday. Good luck - YMMV How to check your SMB verson level: Open Powershell as Administrator Enter the following line: Get-SmbServerConfiguration | Select-Object EnableSMB1Protocol If it returns "False" - thats good If it returns "True" - that needs to be disabled. SMBv1 is a security vulnerability Open Control Panel Open Programs and Features L-clk Turn Windows features on or off Scroll down to find SMB1.0?CIFS File Sharing Support Uncheck the box Close that window Recheck Powershell Get-SmbServerConfiguration | Select-Object EnableSMB1Protocol Should return "False" ************************************************ SID Changer Instructions for the free version as of 10/2025 for Win10/11 Workgroup and Advanced Directory joined PCs ****** CAUTION - As of this writing the following has not been tested with systems running an active SQL database or other complex or 3rd party applications ****** Goto this website to get a new key each month. New key drops between the 5th & 10th. https://www.stratesave.com/html/sidchg.html Oct. Temp Key: 77JAY-X@UZv-2OiL#-KZ Log into PC as administrator. Download the SID_Changer folder to your prefered location. Open the SID_Changer folder Move teh SID Changer EXE file into the "SID Changer" folder Close all open applications and windows not being used. TURN OFF MICROSOFT ANTI-VIRUS AND/OR ANY OTHER ANTI-VIRUS SOFTWARE. Open CMD prompt (as admin) CD "C:\SID_Changer" Copy and paste the following line into the cmd prompt sidchg64-3.0m.exe /F /R /OD /RESETALLAPPS /RMT When prompted, copy the temporary key above and paste it in to the cmd prompt When prompted to reboot, do so. / the 2nd run through the PC will reboot on its own. *The application propably will not execute after the 1st reboot. So, log in normally after the 1st reboot. *Repeate the steps in red above the skip the two lines in black with the asterisks As noted at the end of the instructions above, the system will reboot on its own and go to the lock screen. Do not log in, power off or reboot until the process completes. There will be a large box telling you not to. Once the warning clears and the login prompt is available, log in as administrator. Change the workstation name (if needed), reboot SID changer is done. You will need to re-add shortcuts into the Start button for each user on that system. You will need to rest then reconfigure Edge settings for each user. If you have specialized configuratons. Once complete, delete the SID_Changer folder from the system. Even though you are using a free verson, you are not licensed to distribute this software. (More of a CYA thing) ************************************************ Fix public network back to private **Copy each line into an elevated PowerShell and hit enter Get-NetConnectionProfile **from the output get the index number Set-NetConnectionProfile -InterfaceIndex -NetworkCategory Private **Done ************************************************** Open "Network and sharing \ Advanced sharing settings" Password protected sharing needs to be turned off under All networks (not present on domain workstations) Network discovery and file and printer sharing needs to be turned on for Public, Private and, when it applies, Domain.  Also, in firewall settings (even if turned off - JIC) uncheck "File and printer Settings(Restrictive) for Public / Private and, if it applies, Domain. ******************* Additional SIDCHG64 [options] below ******************* (The free version cannot change the workstation name) /COMPNAME=: New computername, ? = random hex character, * = mac address (hex) /COMPDESCR=: New computer description /F: Omit confirmation /R: Reboot after SID change /S: Shutdown after SID change /NS: Don't change SID, only set computername /KEY=: License key /SK: Store licence key in registry for later. SID will not be changed if /SK is specified /RMK: Remove license key from registry after SID change /OD: Reset OneDrive. This avoids OneDrive synchronization issues if both original and clone are active with same user. /OD requires OneDrive-Account to be reentered after SID change. Without /OD it is sufficient to reenter password of OneDrive-Account after SID change /RESETALLAPPS: Reset all Modern Apps. This avoids issues with Modern Apps or with Search box after SID change. /RESETAPPS=: List of Modern Apps to be reset (PackageFamilyName), separated by ;-character. *-character counts as wildcard. - (minus)-character at beginning excludes app from reset. /RESETAPPSFILE=: File containing List of Modern Apps to be reset (PackageFamilyName), each on separate line. *-character counts as wildcard. - (minus)-character at beginning excludes app from reset. Following options are advanced (not for normal use): /OS=: Windows-directory (e.g /OS=D:\Windows) of OS to modify, if not running OS /D=: Drives to check for SID (e.g /D=CDE). Per default, SID will be changed on all local harddrives /SID=: New SID value. Per default, SID will be set to random value /RMKNOW: Remove stored license key from registry without doing SID change /RMT: Remove traces. Remove SIDCHG key from registry after SID change. Completed SID change cannot be reverted if /RMT is specified /RMTNOW: Remove traces now. Remove SIDCHG key from registry without doing SID change. SID change cannot be reverted afterwards /NW: Don't change WSUS ID /NCID: Don't reset MSDTC CID /NPP: No Run Once-post processing. Transparent post processing is needed to preserve encrypted files and other user settings. /NDI: Don't reset Device ID. /NMG: Don't reset Machine GUID. /NMID: Don't reset Machine ID /NDUID: Don't reset Dhcpv6 DUID. /NSQ: Don't change SQL Server master database. When changed, a backup copy of the original master database is copied to C:\Windows\Temp-directory /NMA: Don't reset McAfee ID. /RDA: Reset default apps /GDID: Reset Global Device ID (can invalidate System Activation) /NGDID: Don't Reset Global Device ID (per default Global Device ID is reset if System is not Activated) /NRS: Don't reset Search (Search needs a few minutes to rebuild at first Login) /REVERT: Reverts SID back to previous value after complete or interrupted SID change /REPEAT: Repeats previous complete or interrupted SID change with same previous and new SID values. This can be useful if not all has been changed during first run. /CLEARMSG: Clears SID change message at login after interrupted SID change /CNMF=: Map file /COMPNAME will be mapped against, with lines map=compname /FF: Allow SID change with Antivirus real-time protection left on, SID to be changed on removable drive, or for unsupported Windows version, and bypass other restrictions. ******************************************** Change of computer SID risks data loss and system damage. Do not interrupt SID change in process!