VMware ESX Clones and Windows SID.

I had made a single installation of Windows Server 2008 R2 and saved this as a master clone - using this master clone I made no.of other clones for my use. Turns out if you don't chose the option to customize the new virtual machine (which is the default option :-( ) , the new virtual machine will bear the same SID (security identifier) as the main cloned image.

This is still OK (perhaps not) if you plan to use these cloned VM's in different environments. However, if you plan to create a Active Directory Domain and add these VM's on the same domain, authentication gets messed up seriously. Worst part is that when you add machines to domain, it won't complaint, only when you chose to use domain accounts to auth (like logging into Member Server using Domain account) it will spit out error on event viewer logs.
It took lot of google time to realize that domain account on member server was failing because of duplicate SID which was because I was using clones of the same image.

Lessons:
1) If you ever take clones of a VM, ensure you chose to customize the new virtual machine, by choosing the option "Customize using the Customization Wizard".
2) If you already have clones now, you can accomplish #1 above using VMware Convertor tool, by using the option "Configure machine". This will force SID change on the VM amongst other things.