Occasionally it is necessary to use Sysprep instead of Quickprep when creating a desktop pool with View. This usually is because of some legacy software requiring unique local computer identifiers (SIDs). I recently got asked about it because of some older antivirus software that needed it to centrally manage its in-OS agents.A comparison of the two customization techniques can be found in the View Administration Guide on pages 95 and 96. KB article 2003797 gives a quick table of the differences:
|Removing local accounts||No||Yes|
|Changing Security Identifiers (SID)||No||Yes|
|Removing parent from domain||No||Yes|
|Changing computer name||Yes||Yes|
|Joining the new instance to the domain||Yes||Yes|
|Generating new SID||No||Yes|
|Language, regional settings, date, and time customization||No||Yes|
|Number of reboots||0||1 (seal & mini-setup)|
|Requires configuration file and Sysprep||No||Yes|
To setup and deploy a pool using Sysprep the high-level steps are as follows:
- Copy the Sysprep files to the vCenter server (Note that this is only required for Windows XP as Windows 7 comes with sysprep). Full details on this are in KB article 1005593.
- Create a Guest Customization Specification in vCenter.
- Add a desktop pool and tell it to use sysprep and the guest customization spec you have created.
Create a Guest Customization Specification
- In vCenter from the Home page select the option for Customization Specification Manager.
- Add a New customization and on the Properties page enter a name. DO NOT use a custom sysprep answer file.
- Continue through the wizard until the Computer Name page. Set this to use the virtual machine name.
- Step through the wizard entering license keys, administrator password, time zone, etc until you get to the Network page.
- Make sure you leave the network at the default of typical settings. This will then use DHCP
- On the Workgroup or Domain page leave this as the default. Any domain / administrator information entered here is not used. Instead the VM is joined to the domain using the guest customization settings defined in the pool settings through View Manager.
- On the last page Operating System Options make sure that the Generate New Security ID (SID) is checked. After all the whole reason we are using Sysprep is because unique SIDs are required for our use case.
- Finish the wizard.
Add a desktop pool
- In View Manager add a desktop pool as you would normally. The only deviation from using Quickprep comes on the last page for Guest Customization.
- Select the Domain. This list (normally only one in most environments) is what you defined when you configured the vCenter server in View Administrator and defined the Domains for View Composer. This settings is what will control which domain is joined and which credentials are used when customizing the linked clones.
- Select the appropriate AD container as normal.
- Select the option to Use a customization specification (Sysprep) and select the spec you created earlier.
- When you complete the wizard your pool should deploy although provisioning can be a bit slower than using Quickprep especially as there is an additional reboot of the linked clone required.
So what are the steps that take place when View customizes with Sysprep?
- Once the linked clone disks have been created, View Manager puts the VM into the Customizing state.
- View Manager calls the vCenter API customizeVM_Task to customize the VM with the customization specifications.
- View Manager powers on the linked clone.
- Inside the Guest OS on the linked clone, the View Composer Agent sees that it is starting for the first time and calls NetJoinDomain with the machine password cached on the internal disk.
- The machine is now joined to the domain.
- Sysprep is now run on the linked clone from within the guest.
- The View Composer Agent waits for Sysprep to finish before notifying the View Agent that customization is complete. Then the View Agent sends a message to the View Manager server.
- The View Manager Server powers off the clone and takes a snapshot of the customized, powered off clone (to give us our refresh state).
- View Manager puts the linked clone into the Provisioned state. If the VM is then powered on, it moves into the Available state.