Updating drivers for devcon failed
Instead of generating new random SIDs for these accounts, Windows ensures their uniqueness by simply appending a per-account unique number, called a (RID), to the machine SID.The RIDs for these initial accounts are predefined, so the Administrator user always has a RID of 500: After installation, Windows assigns new local user and group accounts with RIDs starting at 1000.Every process running in my interactive session, for example, has a copy of the token that they inherited originally from the process, the process Winlogon creates as the first of any interactive logon.
The reason that Microsoft doesn’t support systems modified in this way is that, unlike Sysprep, these tools don’t necessarily know about all the places where Windows stashes away references to the machine SID.
At one point during the design of Windows NT, the machine SID might have been used for network identification, so in order to assure uniqueness, the SID that Setup generates has one fixed subauthority value (21) and three randomly-generated subauthority values (the numbers following “S-1-5-21” in the output).
Even before you create the first user account on a system, Windows defines several built-in users and groups, including the Administrator and Guest accounts.
You can use Ps Get Sid to view the name of the account for a specified SID, and here you can see that the local SID that has a RID of 1000 is for the Abby account, the name of the administrator account Windows prompted me to name during setup: In addition to these dynamically created SIDs, Windows defines a number of accounts that always have predefined SIDs, not just RIDs.
One example is the Everyone group, which has the SID S-1-1-0 on every Windows system: Another example, is the Local System account (System), which is the account in which several system processes like Session Manager (Smss.exe), the Service Control Manager (Services.exe) and Winlogon (Winlogon.exe) run: When an account logs on to a Windows system, the Local Security Authority Subsystem (LSASS -Lsass.exe) creates a logon session and a for the session.