Duplicated local account SIDs after Windows 10 upgrade

I have a Windows 10 VM recently upgraded to 20H2. Prior to upgrade I had cloned and sysprepped it to create a test system, and mimicked the upgrade process on there first. After a successful upgrade process on the test system, I carried out the same procedure on the production system.

While the overall OS upgrade was successful, something happened to the local administrator and guest account on the production VM. It appears there are two copies of each of those accounts with the exact same SID. Running (in PowerShell) Get-LocalUser shows two administrator and two guest accounts. Yet, running net user shows only one of each. Viewing the Local Users in Computer Management shows absolutely no user accounts. Strangely this did not occur on the test system.

I have tried running ntdsutil from a Windows Server to cleanup duplicate SIDs on the problematic Win10 VM. The utility says it detects this problem and is successful in cleaning up, but nothing really changes as duplicate SIDs still remain.

Any suggestions to address this issue of duplicate local admin/guest accounts?


Solution 1:

This is a known issue, it will cause your computer to blue screen too. Basically, you are using an old 20H2 release, you need to download the ISO again, because Microsoft released a new media on December 3, 2020.

More details here:

https://support.microsoft.com/en-us/topic/after-updating-to-windows-10-version-20h2-you-might-receive-an-error-when-accessing-the-sign-in-options-or-users-mmc-snap-in-138e1980-1162-94ca-d537-1cd07887dc53

[...]This issue is caused by duplicate built-in user accounts being created with the same security identifiers (SIDs) and relative identifiers (RIDs) during the update to Windows 10, version 20H2. SIDs and RIDs for built-in user accounts are well-known as documented here and must be unique on a given device.[...]