USING SYSPREP WITH VIEW

Occasionally it is necessary to use Sysprep instead of Quickprep when creating a desktop pool with View. This usually is because of some legacy software requiring unique local computer identifiers (SIDs). I recently got asked about it because of some older antivirus software that needed it to centrally manage its in-OS agents.A comparison of the two customization techniques can be found in the View Administration Guide on pages 95 and 96. KB article 2003797 gives a quick table of the differences:

Function	QuickPrep	Sysprep
Removing local accounts	No	Yes
Changing Security Identifiers (SID)	No	Yes
Removing parent from domain	No	Yes
Changing computer name	Yes	Yes
Joining the new instance to the domain	Yes	Yes
Generating new SID	No	Yes
Language, regional settings, date, and time customization	No	Yes
Number of reboots	0	1 (seal & mini-setup)
Requires configuration file and Sysprep	No	Yes

To setup and deploy a pool using Sysprep the high-level steps are as follows:

Copy the Sysprep files to the vCenter server (Note that this is only required for Windows XP as Windows 7 comes with sysprep). Full details on this are in KB article 1005593.
Create a Guest Customization Specification in vCenter.
Add a desktop pool and tell it to use sysprep and the guest customization spec you have created.

Create a Guest Customization Specification

In vCenter from the Home page select the option for Customization Specification Manager.
Add a New customization and on the Properties page enter a name. DO NOT use a custom sysprep answer file.

Continue through the wizard until the Computer Name page. Set this to use the virtual machine name.

Step through the wizard entering license keys, administrator password, time zone, etc until you get to the Network page.
Make sure you leave the network at the default of typical settings. This will then use DHCP
.

On the Workgroup or Domain page leave this as the default. Any domain / administrator information entered here is not used. Instead the VM is joined to the domain using the guest customization settings defined in the pool settings through View Manager.

On the last page Operating System Options make sure that the Generate New Security ID (SID) is checked. After all the whole reason we are using Sysprep is because unique SIDs are required for our use case.

Finish the wizard.

Add a desktop pool

In View Manager add a desktop pool as you would normally. The only deviation from using Quickprep comes on the last page for Guest Customization.
Select the Domain. This list (normally only one in most environments) is what you defined when you configured the vCenter server in View Administrator and defined the Domains for View Composer. This settings is what will control which domain is joined and which credentials are used when customizing the linked clones.
Select the appropriate AD container as normal.
Select the option to Use a customization specification (Sysprep) and select the spec you created earlier.

When you complete the wizard your pool should deploy although provisioning can be a bit slower than using Quickprep especially as there is an additional reboot of the linked clone required.

So what are the steps that take place when View customizes with Sysprep?

Once the linked clone disks have been created, View Manager puts the VM into the Customizing state.
View Manager calls the vCenter API customizeVM_Task to customize the VM with the customization specifications.
View Manager powers on the linked clone.
Inside the Guest OS on the linked clone, the View Composer Agent sees that it is starting for the first time and calls NetJoinDomain with the machine password cached on the internal disk.
The machine is now joined to the domain.
Sysprep is now run on the linked clone from within the guest.
The View Composer Agent waits for Sysprep to finish before notifying the View Agent that customization is complete. Then the View Agent sends a message to the View Manager server.
The View Manager Server powers off the clone and takes a snapshot of the customized, powered off clone (to give us our refresh state).
View Manager puts the linked clone into the Provisioned state. If the VM is then powered on, it moves into the Available state.

January 22, 2018

Fix Software RAID Windows 2k3

If you’ve intentionally – or unintentionally lost your primary drive in Windows 2003 Software RAID, here’s how you’d get it back.

Load up the 2k3 Install disk

Press “r” for recovery mode

Select your installation

Enter your password

chkdsk /p

bootcfg /rebuild

January 22, 2018

Multi Processor VMware

If you change from a multi-processor system to a uni-processor system you need to manually change the HAL on the Windows server after the conversion.

To do this go into Device Manager after the machine first boots and discovers it’s new hardware and then click on Computer then right-click on the processor and select Update Driver. Then select Install from specific location and then Don’t search I will choose the driver to install. Then select show All compatible hardware and select the appropriate processor.

For example, if you went from a dual cpu to a single cpu then select ACPI uni-processor PC instead of ACPI multi-processor PC. You will need to reboot once you change this. To verify what HAL you are using you right-click your hal.dll in c:\windows\system32 and select the Version tab and select Internal Name and it should say halmacpi.dll for multi-processor acpi and halacpi.dll for uni-processor acpi.

Next clean up all the non-present hardware after the P2V conversion. To do this go to a CMD prompt and type SET DEVMGR_SHOW_NONPRESENT_DEVICES=1 and then DEVMGMT.MSC and then select Show Hidden Devices. Delete any old grayed out hardware. Next remove any vendor specific applications/drivers. For example on a HP server you should go to Add/Remove programs and remove any HP management agents, survey utility, array config utility, version control agent, etc.

Also check your NIC and make sure there are no vendor specific drivers there (ie. teaming). Check the Services to see if all there is anything vendor specific related there and disable any services that are.

January 22, 2018

Mounting Samba Shares

Some Vista and Windows 7 shares and many Samba Linux shares require credentials in the form of username/password pairs before access is granted. These credentials are set on the server. In Windows Vista and Windows 7 they are the login username and password of the owner on the server and in Linux they are any member of the Samba User Database on the server who is “allowed” by the file that defines the share.

You use the option string username=server_user,password=secret instead of the guest option used above to generate the mount as follows:

mount -t cifs -o username=server_user,password=secret //192.168.44.100/share /path_to/mount

January 22, 2018

Manage Windows 8 Wireless Network Profiles

I was having a heck of a time with my little tablet connecting to some wireless connections using the same SSID. Here’s how I fixed it…

If you need to change a wireless connection profile, you can usually do it by following these steps:

Swipe in from the right edge of the screen, tap Settings, and then tap Change PC settings. (If you’re using a mouse, point to the upper-right corner of the screen, move the mouse pointer down, click Settings, and then click Change PC settings.)
Tap or click Network, tap or click Connections, and then tap or click the connection you want to change.
On the page that appears, make the changes you want.

Some tasks, such as deleting a profile, must be done at the command prompt. To do these tasks, open Command Prompt, and then type the appropriate command from the following table.

Open Command Prompt by swiping in from the right edge of the screen, tapping Search (or if you’re using a mouse, pointing to the upper-right corner of the screen, moving the mouse pointer down, and then clicking Search), entering Command Prompt in the search box, and then tapping or clicking Command Prompt.

TASK	INSTRUCTIONS
Delete a profile	At the command prompt, type: netsh wlan delete profile name=”ProfileName”
Show all wireless profiles on the PC	At the command prompt, type: netsh wlan show profiles
Show a security key	At the command prompt, type: netsh wlan show profile name=“ProfileName” key=clear
Move a network up in the priority list	Connecting to a new network and choosing Connect automatically will place it at the top of the list.
Stop automatically connecting to a network within range	Tap or click the network in the network list, and then click Disconnect.
Stop automatically connecting to a network that’s out of range	At the command prompt, type: netsh wlan set profileparameter name=”ProfileName” connectionmode=manual

How Windows determines connection priority

Windows usually connects to networks in this order:

1. Ethernet

2. Wi‑Fi

3. Mobile broadband

When you connect to a new Wi‑Fi network, it’s added to the list, and Windows will connect to that network while it’s in range. If you connect to another Wi‑Fi network while in range of the first network, Windows will prefer the second network over the first one.

Mobile broadband networks are treated differently. If you manually connect to a mobile broadband network when there is a Wi‑Fi network in range, the mobile broadband network is preferred just for that session. The next time you’re in range of both networks, the Wi‑Fi network is preferred. This is because mobile broadband networks typically are metered.

If you want to force your PC to prefer a mobile broadband network over Wi‑Fi, tap or click the Wi‑Fi network in the list of networks, and then click Disconnect. Windows won’t automatically connect to that Wi‑Fi network.

January 22, 2018

Re-register Windows client/server in WSUS

To re-register Windows client/server in WSUS review the following instructions:

1. Run “gpupdate /force” command on the Windows client/server that have a registration issue in WSUS.

2. Run “wuauclt /detectnow ” command on the Windows client/server that have a registration issue in WSUS.

Tip: You can use the Event Viewer to review the re-registration

3. In rare cases, you may need to run: “wuauclt.exe /resetauthorization /detectnow” command on the Windows client/server that have a registration issue in WSUS.