Windows Server – Sysprep

KB ID 0000729 

Problem

I don’t deploy large amounts of servers at once, so Windows Server sysprep is not as important as it is with the client operating systems I deploy. But I do need to create virtual machine templates, (mostly for testing), but some clients like to have server templates. I prefer to manually sysprep and shutdown a server then either convert or clone it to a template.

Thankfully sysprep is in the same place as it was with Server 2008 R2.

Solution

As before you can either run sysprep from command line by navigating to its location and running it with the correct switches. Or simply browse to it with Windows Explorer and double click it.

Related Articles, References, Credits, or External Links

Server 2008 R2 Where is Sysprep

Domain Join SID Error

KB ID 0001732

Problem

Thankfully I don’t see a SID error very often these days;

The following error occurred when attempting to join the domain ‘{domain-name}

The domain join cannot be completed because the SID of the domain you attempted to join was identical to the SID of this machine. This is a symptom of an improperly cloned operating system install. You should run Sysprep on this machine in order to generate a new machine SID.

Resolve SID Errors (Joining Domains)

In my case it was a server I was deploying into EVE-NG and I hadn’t ran says-rep on the image, (typically I only need one Windows server in my EVE-NG labs, but this time I needed another), so then I added a second and tried to add it to a domain, this happened. I should know better really!

If you have ever deployed or imaged Windows you can probably guess what the fix is, ‘Run Sysprep‘.

Note: I will probably get emails saying ‘Why not just run NewSID?’, well because it’s not officially supported any more, and sysprep is.

Navigate to C:\Windows\System32\Sysprep and run sysprep.exe > Tick the ‘Generalize’ option > Set the Shutdown option to ‘Reboot” > OK.

Go and have a coffee, when the server reboots, run though the OOBE setup, and try to join the domain again.

Related Articles, References, Credits, or External Links

NA

Windows Client(s) not ‘appearing’ in WSUS

KB ID 0000591 

Problem

Before you start troubleshooting clients, how long have you waited? I usually setup and configure WSUS up at the start of a job, then leave it alone for a few DAYS, before I start worrying.

Here are the steps I usually follow to get the machines listed in the WSUS management console.

Solution

Before doing anything further, simply try running the following two PowerShell commands, (on the problem client,) and then waiting for a few hours;

[box]

$updateSession = new-object -com "Microsoft.Update.Session"; $updates=$updateSession.CreateupdateSearcher().Search($criteria).Updates

wuauclt /reportnow

[/box]

 

 

1. Assuming you are deploying your WSUS settings by GPO, make sure the machine in question is actually trying to apply the policy, you can do this by running rsop.msc like so:

Or by running gpresult /R from command line

Note: If you cannot see Computer Policy / Computer Settings, i.e. you can only see user settings, then you are probably not running the command window as ‘Administrator’ (Locate cmd.exe > right click > Run as Administrator).

2. If you are enforcing by GPO, or directly via registry edit, your next step is to check that the registry entries exist. Start > In the Search/Run box type regedit {Enter}. Navigate to:

[box]HKEY_LOCAL_MACHINE > SOFTWARE > Policies > Microsoft > Windows > WindowsUpdate[/box]

3. Start > In the Search/Run box type services.msc {enter} Locate the Windows Update service and ensure it is running.

4. Then locate the Background Intelligent Transfer Service and make sure that’s also running.

5. To make sure the client can see the WSUS website, open a browser window, and navigate to http://{name-of-the-wsus-server}/iuident.cab and make sure you can open/download the file.

6. If all the above is OK, you can try forcing a registration with the following command;

[box]wuauclt /detectnow[/box]

7. All update events are being logged, you can find the log at c:windowsWindowsUpdate open the file with notepad.

8. Scroll all the way to the end, then work upwards looking for errors.

9. Sometimes if you image a machine (Or clone a VM) it keeps it’s unique update ID, if this happens then the first machine with this ID to register gets listed, and all the rest do not. To find out if this is your problem, locate and stop the Windows update service on an affected client.

10. Open the registry Editor and navigate to:

[box]HKEY_LOCAL_MACHINE > SOFTWARE > Microsoft > Windows > CurrentVersion > WindowsUpdate[/box]

Locate and delete the SusClientId entry.

11. Restart the Windows Update service and run the following two commands:

[box]wuauclt /resetauthorization /detectnow<br /> wuauclt /reportnow [/box]

Update 16/06/15

Received via Email from Patrick Mauger:

You can add an incorrect binding in IIS to the site WSUS Administration.

You need to add a binding for port 80, because the only ports configured are 8530 and 8531.

Related Articles, References, Credits, or External Links

Windows Server Update Services – Install and Configure (2008 R2)

WSUS Install Error – ‘The update could not be found. There may be a network connection issue.

Message ID 6600: sms wsus configuration manager failed to configure upstream server

WSUS Install Error on Windows Server 2008 R2

VMware Horizon Machines Stuck ‘Customizing’

KB ID 0001595

Problem

In all honesty there’s lots of reasons for this.

I’ll cover the ones that have tripped me up, if you find some new ones feel free to post them below.

Solutions

Before continuing, the image needs to have the Horizon Agent installing within it, and it has to be the SAME version that your Composer and Connection servers are running, (or newer). Also your Horizon servers are connecting to VMware vCenter using an account, (in a lot of cases that will be the domain administrator account, or an account you setup for this reason), make sure that account has global administrator properties in vSphere.

Also in your image install the LATEST version of VMWare Tools, Note: that might be NEWER than the one that you have on your ESX servers, download it and install it manually, (to do this uninstall the old VMWare Tools, then Uninstall the Horizon Agent, then Install the NEW VMWare Tools, then finally reinstall the Horizon Agent again. (Note: If using Horizon Composer, make sure you install the composer option!)

Horizon Inability to get a licence for your KMS Server.

Check this first;

[box]

slmgr /dli

[/box]

It goes without saying you need a network connection (to the right VLAN) before KMS will work. I’ve ran though KMS setup and troubleshooting here.

Horizon Sysprep Problems

For sysprep obviously you need to be deploying images with sysprep and NOT quick prep, if you are using sysprep check the error log, (if the error log is empty, then sysprep is not your problem).

Navigate to: C:\Windows\System32\Sysprep\Panther\setuperr.log

Sysprep Problem 1

Problem 0x0f0043 Failed DeleteInstance AntiSpywareProduct

[box]

Error      [0x0f0043] SYSPRP WinMain:The sysprep dialog box returned FALSE
Error                 SYSPRP Error 0x-2147417850: Failed to re-enable Compat-Gentel custom trigger.[gle=0x0000047e]
Error                 SYSPRP setupdigetclassdevs failed with error 0
Error                 SYSPRP MRTGeneralize:107 - ERROR: Failed DeleteInstance AntiSpywareProduct.instanceGuid="{D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}" hr=2147749904
Error                 SYSPRP MRTGeneralize:116 - ERROR: Failed DeleteInstance AntiVirusProduct.instanceGuid="{D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}" hr=2147749904
Error                 SYSPRP Error 0x-2147417850: Failed to re-enable Compat-Gentel custom trigger.[gle=0x0000047e]
Error                 SYSPRP setupdigetclassdevs failed with error 0
Error                 SYSPRP MRTGeneralize:107 - ERROR: Failed DeleteInstance AntiSpywareProduct.instanceGuid="{D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}" hr=2147749904
Error                 SYSPRP MRTGeneralize:116 - ERROR: Failed DeleteInstance AntiVirusProduct.instanceGuid="{D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}" hr=2147749904

[/box]

Seen On Window Server 2016 and Windows 10: In your Source Image you need to remove Windows Defender, like so;

[box]

Uninstall-WindowsFeature Windows-Defender-Features

[/box]

Sysprep Problem 2

Problem 0x0f0073

[box]

Error      [0x0f0073] SYSPRP RunExternalDlls:Not running DLLs; either the machine is in an invalid state or we couldn't update the recorded state, dwRet = 0x1f
Error                 SYSPRP WinMain:Hit failure while processing sysprep re-specialize internal providers; hr = 0x8007001f
Error                 SYSPRP Error 0x-2147417850: Failed to re-enable Compat-Gentel custom trigger.[gle=0x0000047e]
Error                 SYSPRP setupdigetclassdevs failed with error 0

[/box]

This is happening because the machine you are using as your image has been sysprepped too many times, you nee to make some changes on the reference image to reset/rearm it, so it can be sysprepped.

On your image machine  run regedit and navigate to;

HKLM > SYSTEM > Setup > Status > Sysprep Status

Ensure the following;

  • CleanupState is set to 2
  • GeneralizationState is set to 7

Open an administrative command window and execure the following commands;

[box]

msdtc -uninstall
msdtc -install

[/box]

Back in registry editor navigate to

HKLM > SOFTWARE > Microsoft > Windows NT > CurrentVersion > SoftwareProtectionPlatform

Set SkipRearm to 1

Try again.

Related Articles, References, Credits, or External Links

NA

Sysprep Was Unable to Validate

KB ID 0001535

Problem

While building a new Windows 10 machine to be used as a template, I ran Sysprep to generalise the installation, and got this;

Sysprep was not able to validate your Windows Installation.
Review the log file at
%WINDIR%\System32\Sysprep\Panther\setupact.log for
details. After resolving the issue, use Sysprep to validate yout
Installation again.

Solution

What I did was Google the error, instead of looking at the log file, and read a post that said this can happen if the reference machine has not been activated, and went down a blind alley because THATS NOT TRUE of course you can generalise a newly deployed ‘non-activated’ reference machine.

When I finally read the error log, I found the following;

[box]

Package Microsoft.LanguageExperiencePacken-GB_17763.6.14.0_neutral__8wekyb3d8bbwe was installed for a user, but not provisioned for all users. This package will not function properly in the sysprep image.
Failed to remove apps for the current user: 0x80073cf2
Exit code of RemoveAllApps thread was 0x3cf2.

[/box]

This problem is being caused by an app, (Windows has suffered with this since Windows 8!) I’ve highlighted the app name above, yours may have a different name, but the fix is the same. We need to remove that app, and stop Windows connecting to the internet to install more app shenanigans!

Disconnect the reference machine from the internet by disconnecting its NIC, (below I’m using a VMware VM).

Run a PowerShell window, (as Administrator) and execute the following command, (obviously use the name of your offending app rather than mine if it’s different!).

[box]

Get-AppxPackage –Name *LanguageExperience* | Remove-AppxPackage

[/box]

Then you should be able to run Sysprep successfully. 

DON’T FORGET to reconnect the NIC if you are creating a template, once the machine has shut down.

Related Articles, References, Credits, or External Links

NA

VMware Workstation – Deploying Server 2012 and Windows 8 ‘Linked Clones’ from Templates

KB ID 0000953 

Problem

VMware Workstation, is a great test tool, if i need to take a look at some new software, or plan how I’m going to do a job, and I don’t have access to the ESX server, or test bench, it’s a great tool to have on my laptop.

If you build machines form scratch, every time you need one it can take a while. To address that you can create a template and deploy machines from that. To make things even more efficient you can make then ‘linked clones’. If you use VDI you will probably be aware of linked clones, they use the hard drive of the machine they were created from, and maintain a ‘delta disk’ that holds the differences, this make them very efficient at using hard drive space, (which is good if you are running on a laptop!)

Solution

1. I’ve titled this Windows 8 and Server 2012, but this process works for just about any modern version of Windows. Build the machine that will be the template, and install all the latest updates. Locate sysprep.exe uisually in C:WindowsSyste32Sysprep, and run it. Ensure the ‘Generalize’ option is selected, and the shutdown option is set to ‘Shutdown’.

2. Once finished the machine will shutdown, in VMware Workstation right click the VM > Snapshot > Take Snapshot > Give the snapshot a sensible name > Take Snapshot.

3. Once complete > Right Click the VM again > Settings > Options Tab > Advanced > Select ‘Enable Template mode (to be used for cloning) > OK.

4. Now every time you want a new VM simply right click the template > Manage > Clone > When the wizard starts > Next.

5. Choose the snapshot name you picked in step 2 > Next > Linked Clone (if you choose full clone it creates a complete new machine and will take a LOT of system resources) > Next > Give it a name > Finish.

6. Power on your new machine and it will run the mini windows setup, and behave like a completely new VM.

Related Articles, References, Credits, or External Links

NA

Deploying VMware View 5 – Part 5 Deploying Linked Clone View Desktops

KB ID 0000607

Problem

Note: This is an old post for VMware view version 5, you might want to read Deploying VMware Horizon View instead.

It’s been a while since I wrote Part 4, so it’s time to wrap this up. Now we have Composer installed on the Virtual Center, we can start to deploy our linked clone desktops.

Solution

VMware View – Prepare your Source Machine

1. I’ve already covered how to prepare your Windows 7 client machine to be a View client here. Once that’s done, release its IP address (ipconfig /release) and shut it down.

2. With your source machine shut down, take a snapshot of the machine.

VMware View – Create an Automated Linked Clone Pool

3. Log into your VMware View Administrator console > Inventory > Pools > Add.

4. Automated > Next.

5. Dedicated > Next (unless you want a floating user assignment, the description of each is on this page).

6. View Composer linked clones > Next (ensure your vCenter is listed, and has “Yes” in the View Composer section).

7. Give the pool an ID, name, and description. (Note: If you use folders for your VM’s, you can also select those here).

8. I tend to stick with the defaults, except I let the users reset their desktops > Next.

9. I’m not redirecting any disposable files or profiles > Next.

10. Expand Security > Logins > Create a new login.

11. For the default Image, browse to your source machine, then select the snapshot. Set the Folder, Host/Cluster, and Resource pool as applicable. Then browse for a datastore.

12. Here I’ve selected to store my disks on different datastores. If you can, put your replica disk on the FASTEST storage, as this gets the most “Read” traffic > OK > Next.

13. The domain should auto populate > Pick an OU to place the new machines into, then select either to use quickprep (the VMware one), or Sysprep (the Microsoft one). > Next.

Note: You can also use a customization specification (yes Americans are worse at spelling than me!), you set these up in the VI client on the home screen under ‘Customization Specifications Manager’.

14. Review the information > Finish.

15. Now you have you pool, you need to allow your users to connect to it, with it selected press ‘Entitlements’.

16. Add in the users and/or groups you want to grant access to > OK.

17. It can take a while for the replica to be created then all the linked clones to become ‘Available’ watch progress under ‘Inventory > Desktops’.

18. When available you should be able to connect to them using the VMware View Client.

19. And finally get your new Windows 7 linked clone desktop.

Related Articles, References, Credits, or External Links

NA

VMware VIM (vCenter) Where to put the sysprep files in Server 2008?

KB ID 0000420 

Problem

For newer servers I don’t really use templates anymore, but if you are deploying a lot of 2003 Windows servers in vSphere, then they can save you some time. Back in the days of vCenter 2.5 you just uploaded those sysprep files to the relevant folder in,

[box]C:Documents and SettingsAll UsersApplication DataVmwareVmware Virtual Centersysprep[/box]

But that location no longer exists (since Server 2008).

Solution

The location for sysprep files is now,

[box]C:ProgramDataVMwareVMware VirtualCentersysprep[/box]

 

Related Articles, References, Credits, or External Links

Download all the sys prep versions

Windows XP – Sysprep (for imaging)

KB ID 0000599 

Problem

A client who we recently did a WDS (Windows 7) install for, needed to image a couple of Windows XP machines, (They had some software that either would not run, or was not supported on Windows 7).

They asked me for some documentation on how to do this, it’s been such a long time since I imaged any XP machine, so I took the opportunity to document it properly.

Solution

Before you begin, be aware you need to be building your reference machine with a Volume Licenced copy of Windows XP NOT an OEM or Retail copy (i.e. DONT build the machine with manufacturers rescue disks like Dell or HP). If you don’t do this you will need to activate every Windows machine that you deploy with Microsoft.

Make sure the version of sysprep you are using is at the same service pack level as the reference machine or bad things will happen.

Windows XP SP3 version of Deploy.cab

1. Build your reference machine, and configure it as you require.

2. Create a folder on the root of the C: Drive called ‘Sysprep”. Insert the Windows XP CD and locate the Deploy cabinet file. (This is ‘like’ a zip file and it’s in the supporttools folder).

3. Double click the support cab, then copy over the sysprep.exe file, the setupcl.exe file and the setupmgr.exe file to your c:sysprep folder.

4. You can now run sysprep.exe and skip to step 13. BUT if you require an answerfile (a script that will answer all the questions Windows will ask while it’s reinstalling post sysprep) then run the setupmgr.exe program, at the welcome screen click next.

5. Create New > Sysprep Setup > Windows XP Professional.

6. Fully Automate > Enter Name and Organisation > Set the Display Properties.

7. Set Time Zone > Enter the Volume Licence unlock code > If you are joining a domain, I suggest generating a random name then changing it later.

8. Set the Local Administrators password > Typical settings will enable DHCP > Supply any domain and domain credentials you need to join your domain.

9. Telephony (I just skip this) > Regional Settings > Languages.

10. Printers > Run Once commands > Additional Commands.

11. Enter a string that will go into the registry, and can be identified later > Finish > Accept the default save path > OK > At this point it looks like it’s crashed, you can manually close the setupmgr.

12. Now you can run sysprep.exe > OK > I select ‘mini-setup’ (If you don’t, it will run the welcome to windows session and play the annoying music you cant turn down!) > If you have installed applications and are going to image the machine click Reseal > OK.

Note: Factory will literally set the machine back to a ‘day one’ install of Windows XP.

The machine will then shut down and can be imaged.

Final Note: If you power it back on, it will rebuild itself and delete the c:sysprep directory. Which is fine unless you are doing some testing and realise you have to do the whole thing from scratch!

Related Articles, References, Credits, or External Links

Windows Deployment Services (Server 2003)
Deploying Windows XP

Windows Deployment Services (On Server 2008 R2)
Deploying Windows 7

Window Server Where is Sysprep

KB ID 0000419 

Problem

You have a 2008 R2 Server to sysprep, but your not sure where sysprep is.

Solution

1. Thankfully in Server 2008 R2, there’s no messing about, its in c:windowssystem32sysprep. (Note: to regenerate a SID don’t forget to tick “Generalize”).

Server 2008 – It’s in the same place.

Server 2003 – As with Windows XP, you need to get it from the Windows install CD, its in the supporttoolsdeploy.cab.

Once the files are extracted you can run sysprep (Note: setupmgr.exe is used to create the unattended / answer files for sysprep.)

 

Related Articles, References, Credits, or External Links

Server 2012 – Sysprep