I use these scripts for my SQL users. If you read my post yesterday, Domain users do not need to have the sids matching. Just add the domain user(s) on the secondary and it will sync up. Also here is an article for your reading pleasure.

http://support.microsoft.com/kb/918992

I got these nifhty scripts off anothers DBA site and they work really well for me;

-- Get Sids for all SQL Server logins on the old server instance

SELECT name, [sid]

FROM sys.server_principals

WHERE [type] = 's';

-- Create new SQL Login on new server instance

IF EXISTS (SELECT * FROM sys.server_principals WHERE name = N'SQLAppUser')

DROP LOGIN SQLAppUser;

GO

-- Use the sid from the old server instance

CREATE LOGIN SQLAppUser WITH PASSWORD = N'YourStrongPassword#', sid = 0x2F5B769F543973419BCEF78DE9FC1A64,

DEFAULT_DATABASE=[master], DEFAULT_LANGUAGE=[us_english], CHECK_EXPIRATION=OFF, CHECK_POLICY=OFF;

GO