Event ID - 5516

Event Id5516
SourceNetlogon
DescriptionThe computer or domain <domain1> trusts domain <domain2>. (This may be an indirect trust.) However, <domain1> and <domain2> have the same machine security identifier (SID). NT should be re-installed on either <domain1> or <domain2>.
Event InformationThis information from some newsgroups may help you:
------------------------------------------------------------------------------
Here are the steps you should follow when you want to move a BDC from one domain to another:
1. Boot up the BDC you want to move and log in. Use NewSID to synchronize the SID of the BDC with the PDC of the domain to which you wish to move the BDC.
2. Reboot the system for which you changed the SID (the BDC). Since the domain the BDC is now associated with already has an active PDC, it will boot as a BDC in its new domain.
3. The BDC will show up as a workstation in Server Manager, so use the "Add to Domain" button to add the BDC to its new domain. Be sure to specify the BDC radio button when adding.
NewSID starts by reading the existing computer SID. A computers SID is stored in the Registrys SECURITY hive under SECURITY\SAM\Domains\Account. This key has a value named F and a value named V. The V value is a binary value that has the computer SID embedded within it at the end of its data. NewSID ensures that this SID is in a standard format (3 32-bit subauthorities preceded by three 32-bit authority fields).
Three phases to the computer SID replacement follow. In the first phase, the SECURITY and SAM Registry hives are scanned for occurrences of the old computer SID in key values, as well as the names of the keys. When the SID is found in a value it is replaced with the new computer SID, and when the SID is found in a name, the key and its subkeys are copied to a new subkey that has the same name except with the new SID replacing the old.
The final two phases involve updating security descriptors. Registry keys and NTFS files have security associated with them. Security descriptors consist of an entry that identifies which account owns the resource, which group is the primary group owner, an optional list of entries that specify actions permitted by users or groups (known as the Discretionary Access Control
Reference Links

Catch threats immediately

We work side-by-side with you to rapidly detect cyberthreats
and thwart attacks before they cause damage.

See what we caught

Did this information help you to resolve the problem?

Yes: My problem was resolved.
No: The information was not helpful / Partially helpful.
 Refresh