PowerCLI

Hi,

I've had some success automatically creating Unix machines from a template using an XMl config file and PowerShell - works nicely.

However, I am now trying to do the same with Windows machines and am having a couple of problems.  I hope someone will be able to help.

1) I have a Windows XP template.  This has one local user and is set to auto-login (i.e. doesn't require any user intervention to get to the desktop).  When I use Powershell to create a new machine from this template (using new-vm and specifying a customisation), the machine is created, it boots logs in and starts the customisation and then reboots.  Once it has rebooted, the machine does not auto login.  If I click the (only) username, it logs in and then does some more customisation.  I'm obviously looking to see why it asks to login - it's preventing the process from being completely hands-off.

2) The customisation adds the computer to a Windows domain.  If I create a machine from the template from within VCenter it works fine.  If I specify the same customisation from Powershell, the machine is not added to the Windows domain, though it seems to have done everything else - set the computer name, IP address, DNS etc. 

I see that there is a cmdlet called Add-Computer but a) I don't see why I should need to do this if the customisation does it, and b) I'm not sure when I'd actually execute this (after all the customisation has occurred presumably but I don't see how I know that - the script has finished well before the machine has completed the customisation process.

Any pointers would be gratefully received.

Thanks

1) Is the LogonCount = 1 perhaps ?

2) Is the log file in %WINDIR%\Temp\vmware-imc\guestcust.log showing any mor einfo why the join fails ?

Can you give some more info, which OS do you have in the template ?

And perhaps the New-VM line that you use ?

Hi Luc,

Sorry for the delay in getting back to you - my home broadband is stuffed so I couldn't log on from home, and I've been in meetings all day today.

Thanks for the great suggestions.  I've not determined 1) yet, but I will do that at some point (once I've worked out where it's set).

The log file you suggested has told me why it failed to join the domain:

Joining domain RAND.LOCAL using account vbengsup and password '*****'
A specified logon session does not exist. It may already have been terminated.

Retrying join operation with user = vbengsup@RAND.LOCAL
Logon failure: unknown user name or bad password.

Rpci: Sending request='deployPkg.update.state 4 101 C:\WINDOWS\TEMP\vmware-imc\guestcust.log@Logon failure: unknown user name or bad password.
'

Rpci: Sent request='deployPkg.update.state 4 101 C:\WINDOWS\TEMP\vmware-imc\guestcust.log@Logon failure: unknown user name or bad password.
', reply='', len=0, status=1

Logon failure: unknown user name or bad password.

Customization in progress set to 0 at 2012-Sep-27 13:06:28
Rpci: Sending request='deployPkg.update.state 5 0 C:\WINDOWS\TEMP\vmware-imc\guestcust.log'

Rpci: Sent request='deployPkg.update.state 5 0 C:\WINDOWS\TEMP\vmware-imc\guestcust.log', reply='', len=0, status=1

SysprepDecrypter has unobfuscated the password successfully

A few interesting things here:

1) The number of asterisks in the password is 5 - that's fewer than the number of characters in the specified user password - I'm not sure if that's indicitive of a problem or not (I suspect not because as I said, the customisation works ok ourside of Powershell - it's probably a security thing).

2) The last line looks encouraging

3) I don't understand why it would fail - the customisation stores (I believe) the username and password used to add to the domain so I don't see why it should go wrong here.

The template is running XP (required as it's the platform for older products).  The template the machine is cloned from is not in a domain, just a workgroup.

The code I'm running is as follows:

# Get the IP address from the hostname
    $IP = [System.Net.Dns]::GetHostAddresses($_.hostname) | select-object IPAddressToString -expandproperty IPAddressToString

    $DNS = @()
    $DNS = $DNS + "a.b.c.d"
    $DNS = $DNS + "w.x.y.z"
   
    $TempCustSpecName = "VB_Cust_" + $_.hostname

    Get-OSCustomizationSpec $Customisation | New-OSCustomizationSpec -Type NonPersistent -Name $TempCustSpecName
    Get-OSCustomizationSpec $TempCustSpecName | Get-OSCustomizationNicMapping | Set-OSCustomizationNicMapping -IpMode UseStaticIp -IpAddress $IP -SubnetMask 255.255.255.0 -DefaultGateway $DefaultGateway -Dns $DNS
    Get-OSCustomizationSpec $TempCustSpecName | Set-OSCustomizationSpec -NamingScheme "Fixed" -NamingPrefix $_.hostname

    $j = New-VM -VMhost $_.host -name $_.hostname -Template $TemplateName -Datastore $_.Datastore -OSCustomizationSpec $TempCustSpecName -Location $TargetFolder -RunAsync

If there is anything that you can suggest, I'd love to hear.

Many thanks, as always.

Rgds

I suspect the failure comes from the "UseStaticIP" you specify.

With a "static" IP, the VM only gets an IP address after the 2nd reboot, and since the join happens before, the join will fail.

Can you try with "UseDhcp" (provided that is available) ?

You can change the network settings once the VM OS is up and running by using for example the Invoke-VMscript and run a netsh command inside the guest OS. Or you can go for the Set-VMGuestNetworkInterface cmdlet (which is in fact using Invoke-VMScript).

That would explain it, but it creates a real problem for me - the vlan that these machines are on doesn't have DHCP support. I guess I will need to get it enabled but will need to free up a range of addresses first.

Having said that, I'm wondering if I can add the computer(s) to the domain after it has done the rest of the configuration (such as get the fixed IP address) either by using Invoke-VMscript or even Add-Computer? Will give that a go when I'm in the office tomorrow.

Thanks for the help Luc