Dear All,
If we clone a working Windows virtual machine with some applications configured on it, do we need to run Windows sysprep on cloned machine before joining it to network ?
Because I have a requirement, I want to clone a working machine to perform some tests on it. But I am thinking running sysprep on cloned machine, what effect it will have on installed software (Applications)
waiting for response.
Regards,
Hi,
If you application has no limitation about Windows SID, you can do it. if you have an application that you have no information about that and sysperp impact on that, you have to communicate with the application vendor.
It's recommended to do sysprep by VMware customization specification on vSphere, because cloned virtual machine will have same SID and it's not good on a domain.
Also some applications needs to unique SID on Windows for their management such as Symantec AV.
Use the "guest customization" feature when cloning or deploying from template, and "Generate a New SID." It works well. In addition to any possible application-specific SID bindings, I've seen Windows Update failures in WSUS environments. Mark Russinovich makes note of that as well:
"Note that Sysprep resets other machine-specific state that, if duplicated, can cause problems for certain applications like Windows Server Update Services (WSUS), so MIcrosoft's support policy will still require cloned systems to be made unique with Sysprep."
Blogs - Mark's Blog - Site Home - TechNet Blogs
If you for some reason decide not to use VMWare's Sysprep invocation via guest customization, you can do it manually:
Sysprep (Generalize) a Windows installation
Hello,
thanks for response. Actually mostly we get cloning request from our development dept. as they don't want to disturb the running application servers, they ask for a clone to perform some kind of testing. In this case actually the developers don't know about SID thing because this is a windows related.
Yes, I know in order to join windows domain, we must run SID after clone. So I was only concerned for application behavior but developers work on applications not us. What is the case generally, it affects or not in most cases ?
thanks,
In most cases, I find the application-level dependencies to be IP or Hostname bound (such as in IIS config files,) sometimes MAC bound (FlexLM,) but not usually SID-bound.
If it is a Microsoft-developed infrastructure application that talks to AD through ADAM/LDS/ADFS, etc, I'd definitely sysprep...