On Wed, Aug 5, 2015 at 11:47 AM, Webster <[email protected]> wrote:
> I am new to building and maintaining ESXi in my lab (ESXi 6.0.0b) but I > never got the sysprep part of the VMware stuff to work for Win81 or Server > 2012+ (haven't tried Win10 yet). I learned to manually run sysprep instead. > Mark Russinovich says it isn't necessary to generate a new SID .. http://blogs.technet.com/b/markrussinovich/archive/2009/11/03/3291024.aspx if anyone would know, you'd think it would be him. Or Mark Minasi, maybe. About sysprepping, tho - when I create a new VM from a template, I do see it apply sysprep. You can tell - you power it up for the first time, wait 1 minute, it will automatically reboot, saying "Applying image customizations". I haven't needed to run sysprep on 2012 manually. And only now have I had to delete the SUS client ID manually. Specifically, these 2 keys: REG DELETE "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate" /v SusClientId /f REG DELETE "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate" /v SusClientIdValidation /f These 2: REG DELETE "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate" /v PingID /f REG DELETE "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate" /v AccountDomainSid /f came back and said "Unable to find the specified key". This was on Win2012 R2. > Webster > > > > ------------------------------ > *From:* [email protected] <[email protected]> > on behalf of Michael Leone <[email protected]> > *Sent:* Wednesday, August 5, 2015 10:33 AM > *To:* [email protected] > *Subject:* Re: [NTSysADM] Fwd: Win 2012 client registration problems to > WSUS v3 Win 2008 server > > They are VMs, created form a VMware Template. It runs sysprep as part of > the creation process, yes (or is supposed to, maybe the sysprepping isn't > working for Win2012). > > On Wed, Aug 5, 2015 at 10:55 AM, Andrew S. Baker <[email protected]> > wrote: > >> Were these boxes cloned from one another? >> >> >> http://blogs.technet.com/b/csstwplatform/archive/2012/05/28/wsus-script-to-delete-duplicate-sid-created-by-disk-imaging-disk-cloning.aspx >> > > > > That was it, yes. The first 2 deletes failed, saying key doesn't exist, > but the 3rd one passed, and do a "resetauthorization" and "detectnow" did > work, and all showed up properly. > > Not sure what is different in my Win2012 template as opposed to my Win2008 > template (only the Win2012 VMs showed a problem, not the Win2008 VMs), but > I can dig into that, and make it a point to run this script as part of the > rollout process. > > Thanks > > >> >> >> >> *ASB **http://XeeMe.com/AndrewBaker* <http://xeeme.com/AndrewBaker> >> *Providing Virtual CIO Services (IT Operations & Information Security) >> for the SMB market…* >> >> >> >> On Wed, Aug 5, 2015 at 10:35 AM, Michael Leone <[email protected]> >> wrote: >> >>> I have a WSUS v3.2.7600.226 server, running on Win 2008 R2. It has >>> 150+ clients, including some Win 2012 R2 clients. All has been working >>> fine for a few years. Now I am seeing an odd problem. >>> >>> Yesterday I created 2 new Win 2012 R2 clients, and Group Policy set >>> them to use the WSUS server, as usual. But the odd thing: Only 1 >>> client at a time shows up, they both won't show at the same time. >>> >>> Here's what I mean: 2 clients, SERVER8 and SERVER9. Neither was >>> showing up in the "All Computers" group, so I went to each, restarted >>> the BITS and Windows Update service, and issued a "wuauclt >>> /resetauthorization /detectnow". This is what I usually do for Win >>> 2008 R2 clients, who are having problems communicating with the WSUS >>> server. >>> >>> So I did that on SERVER8, and it then showed up in WSUS. I then did >>> the same on SERVER9. Oddly, SERVER8 then disappeared from WSUS, and >>> SERVER9 showed up. >>> >>> It's like I can have one or the other, but not both at the same time. :-) >>> >>> DNS is correct, each shows the proper IP address (when it does show >>> up). I see nothing in the Windows Event Logs of the WSUS server. I >>> don't see any errors in the WindowsUpdate.log file of the server. And >>> I see no errors in that file on the clients - in fact, I see things >>> like "4 updates detected", but nothing after to indicate why it's >>> dropping off the list. >>> >>> Ideas? Where to go next? >>> >>> >>> >> >
