I recently came across this error within a Server 2008 Active Directory environment where I attempted to add a domain user account to Microsoft SQL Server 2008 x64.
As you may see on the internet, the problem is in fact related to the SID, but in my situation it was not the SID of the user, but of the actual server. The instance of Server 2008 x64 is running in VMware Workstation 7 and was created by cloning another VM. This, of course, makes them identical, such that changing the computer name only results in what ‘appears’ to be disparate systems. In a workgroup this shouldn’t be an issue, but once Active Directory is introduced, it gets wacky. AD relies on SIDs, and thus acts unpredictably when two machines / users / groups have the same SID. This is further exaggerated when SQL Server is involved, since it creates and / or stores its own SID for the user.
Here are the steps I followed to solve this issue:
- Remove the server running SQL Server from the domain. Reboot.
- Verify the AD Computer Account has been deleted for the system (on a domain controller).
- Run newSID.exe (found here) and change the SID of the server running SQL Server to a new random SID. Reboot.
- Add the server back to the domain and verify the account is created within AD.
Once I did all that, the user added with ease.
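
To confirm that a cloned VM shares its machine SID with the source VM, and that it no longer does after the steps above, the machine SIDs can be compared directly. This is an added example, not part of the original post; the host names `SQL01` and `SQL02` are placeholders, and it assumes PowerShell 2.0 or later with administrative WMI access to each host.

```powershell
# Added example: compare machine SIDs across hosts to spot clones.
# SQL01 and SQL02 are placeholder names, not from the original post.
$computers = 'SQL01', 'SQL02'

$inventory = foreach ($computer in $computers) {
    try {
        # Local account SIDs have the form <machine SID>-<RID>;
        # the built-in Administrator account always has RID 500.
        $admin = Get-WmiObject -Class Win32_UserAccount -ComputerName $computer -Filter "LocalAccount=True" -ErrorAction Stop |
            Where-Object { $_.SID -like 'S-1-5-21-*-500' } |
            Select-Object -First 1
        if (-not $admin) { throw "no local Administrator account found" }

        # AccountDomainSid strips the RID, leaving the machine SID.
        $sid = New-Object System.Security.Principal.SecurityIdentifier($admin.SID)
        New-Object PSObject -Property @{
            Computer   = $computer
            MachineSid = $sid.AccountDomainSid.Value
        }
    }
    catch {
        # Unreachable or access-denied hosts are reported, not silently skipped.
        Write-Warning "${computer}: $($_.Exception.Message)"
    }
}

# Any group with more than one member is a set of machines sharing a SID.
$duplicates = @($inventory |
    Group-Object -Property MachineSid |
    Where-Object { $_.Count -gt 1 })

if ($duplicates.Count -eq 0) {
    Write-Output 'No duplicate machine SIDs found among the hosts that responded.'
}
else {
    foreach ($group in $duplicates) {
        $names = ($group.Group | ForEach-Object { $_.Computer }) -join ', '
        Write-Output "Duplicate machine SID $($group.Name): $names"
    }
}
```

Run it once before removing the server from the domain and again after the final reboot; the two hosts should appear as duplicates the first time and not the second.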