This is for Citrix so as far as I know, we do not sysprep the Citrix golden image.
From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On Behalf Of Jason Sandys Sent: Tuesday, July 18, 2017 4:36 PM To: mssms@lists.myitforum.com Subject: RE: [mssms] RE: VM gold images? what do you folks do? Current Branch The SUS IDs should be reset when you sysprep the reference system. Have you found that not to be the case or seen issues if you don't do this? J From: listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com> [mailto:listsad...@lists.myitforum.com] On Behalf Of Beardsley, James Sent: Tuesday, July 18, 2017 1:14 PM To: mssms@lists.myitforum.com<mailto:mssms@lists.myitforum.com> Subject: RE: [mssms] RE: VM gold images? what do you folks do? Current Branch Here's the Powershell script we use. Very similar to Mikes. # Ask for elevated permissions if required If (!([Security.Principal.WindowsPrincipal][Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole]"Administrator")) { Start-Process powershell.exe "-NoProfile -ExecutionPolicy Bypass -File `"$PSCommandPath`"" -Verb RunAs Exit } Write-Warning "Stopping WUA and removing WSUS keys" net stop wuauserv reg delete HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate /v SusClientId /f reg delete HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate /v SusClientIdValidation /f Write-Warning "Stopping SCCM and removing certificates" net stop ccmexec gci Cert:\LocalMachine\SMS | remove-item gci Cert:\LocalMachine\My | remove-item Write-Host "Complete! Press any key to continue ..." $x = $host.UI.RawUI.ReadKey("NoEcho,IncludeKeyDown") From: listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com> [mailto:listsad...@lists.myitforum.com] On Behalf Of Mike Dougherty Sent: Tuesday, July 18, 2017 11:57 AM To: mssms@lists.myitforum.com<mailto:mssms@lists.myitforum.com> Subject: Re: [mssms] RE: VM gold images? what do you folks do? Current Branch We are doing something very similar to this for our Citrix Gold Image/Templates which are little bit different than a pure VM template, but essentially our generalization script is run immediately prior to "sealing" the image and does the following: 1. stops the ccmexec service 2. deletes %windir%\smscfg.ini 3. removes the SMS local certificates 4. delete the machine's local configmgr hardware inventory data from WMI 5. stamps a reg key so we can inventory when the generalization script was run Not sure if all of these are required, but it seems to work for us. On Tue, Jul 18, 2017 at 10:37 AM, Burke, John <john.bu...@bellaliant.ca<mailto:john.bu...@bellaliant.ca>> wrote: Thanks From: listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com> [mailto:listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com>] On Behalf Of Jason Sandys Sent: Tuesday, July 18, 2017 11:47 AM To: mssms@lists.myitforum.com<mailto:mssms@lists.myitforum.com> Subject: [mssms] RE: VM gold images? what do you folks do? Current Branch Nothing has changed with this in as long as I can remember. You simply delete the cert, nothing more, nothing less. See https://docs.microsoft.com/en-us/sccm/core/clients/deploy/deploy-clients-to-windows-computers#a-namebkmkclientimagea-how-to-install-clients-with-a-computer-image<https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fsccm%2Fcore%2Fclients%2Fdeploy%2Fdeploy-clients-to-windows-computers%23a-namebkmkclientimagea-how-to-install-clients-with-a-computer-image&data=02%7C01%7Cjames.beardsley%40dhgllp.com%7Cd0fcbd26bcbc4716fabd08d4cdf6c019%7Cd0bcae41470b4a069f20d1759ceb2b99%7C0%7C0%7C636359907052182455&sdata=oMPagQtL%2B1Lzqt%2FOdlgUH4nU1GfdpFfZQrjBjTHTo9I%3D&reserved=0> for details. The client auth cert is the client's identity card, thus changing it changes its identity which in turn forces it to regenerate any unique IDs and GUIDs. J From: listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com> [mailto:listsad...@lists.myitforum.com] On Behalf Of Burke, John Sent: Tuesday, July 18, 2017 8:15 AM To: mssms@lists.myitforum.com<mailto:mssms@lists.myitforum.com> Subject: [mssms] VM gold images? what do you folks do? Current Branch Hi Folks, Our vm team is asking us about putting the new CB sccm client in the gold image. I've been told that removing guide and cert isn't supported anymore. I'm wondering what you folks do with regards to vm gold images. ________________________________ Confidentiality Notice: This e-mail is intended only for the addressee named above. It contains information that is privileged, confidential or otherwise protected from use and disclosure. If you are not the intended recipient, you are hereby notified that any review, disclosure, copying, or dissemination of this transmission, or taking of any action in reliance on its contents, or other use is strictly prohibited. If you have received this transmission in error, please reply to the sender listed above immediately and permanently delete this message from your inbox. Thank you for your cooperation. ________________________________ Confidentiality Notice: This e-mail is intended only for the addressee named above. It contains information that is privileged, confidential or otherwise protected from use and disclosure. If you are not the intended recipient, you are hereby notified that any review, disclosure, copying, or dissemination of this transmission, or taking of any action in reliance on its contents, or other use is strictly prohibited. If you have received this transmission in error, please reply to the sender listed above immediately and permanently delete this message from your inbox. Thank you for your cooperation.
