What is the best way to configure a parent VM that will in turn get cloned into another future parent VM? A couple years ago, I built an earlier build on Windows 10 and went through the process of the steps below.
-Linked clones (no enterprise), non persistent floating pools with UEM as a profile manager, no appvolumes. All applications get installed directly to parent vm.
1. Build a new Windows 10 VM, enter sysprep audit mode, install tools, horizon agent, vmware uem (now dem), set Feature update deferral, installed updates, decrapified Windows 10 built in apps, ran the VMware Optimization tool. On reboot, selected enter OOBE with Generalize checked, and shutdown. I then cloned this VM to a template.
2. Cloned template to a new vitrual machine where i would go and install all applications (office, and all other applications), join domain etc.
3. Once all applications are installed, i would then clone this VM to serve as a parent to a different pool and will add different applications. In this i would use a Customization specification to reset SID/computer name etc.
KMS handles all Windows 10+Office activations.
Does anyone have a better guide on this? Is there something i'm missing?
Take a look at this guide. It shows you how to create an optimized image.
I have another question on this. When following through the guide and using the Optimization tool.
Once generalizing the image and finalizing it to create the template. Can this template be used for multiple parent VM's?
So if i deploy that template (will need 3 parent VM's with different applications etc.) will there be any type of duplication with the SID's etc?
Yes it can be used for multiple pools of desktops. When building a pool it looks at the snap shot of that image you created.
WHat kind of pool you deploying? Instant clone? if so then SID will be the same as the parent being deployed for that pool. If you reference the same snap shot to create say 3 pool then with instant clones it'll reference the same SID of the Master Parent.
I mean deploying the template 3-4 times for separate parent VM's which will then be used to create separate pools.
Not necessarily using the same parent for multiple pools.
I'm not sure if that makes sense.
Sure you can do that. Horizon Connection server will create new names and such for the pools you deploy. Best practices are to not domain join the golden image and when Horizon makes the pool it'll domain join them and create the naming convention you setup for the pool.
I typically always join my golden image to the domain prior to deploying. I'm not sure how that would impact deployments.
I do want to ask another question...
1. If i build out a parent VM following the guide from VMware, once everything is set and everything is ready to create a pool... is is possible to clone that parent VM to create another parent VM? I understand computer naming/sid etc. and i have a customization specification to apply. However, would it take the same office ID which would in turn take away from KMS activation counts?
2. If i don't clone, and decide to just create another parent VM from the template created in the VMware guide, will the computer SID differ from the first parent i created from the same template? I hope this makes sense.
Thanks again for your help
Building on this, i'm still running into a bit of confusion.
Following this guide Creating an Optimized Windows Image for a VMware Horizon Virtual Desktop | VMware
I have created a template which i intend to deploy this OVF to multiple separate machines... however, the template would be using the same computer SID across all 3 VM's created using this template.
1. After going through the Generalize/Finalize stages of the template creation and powering off the template, it's ready to be deployed using Deploy OVF Template.
-When deploying this template to 3 separate machines, they'll contain the same SID across the 3 machines. These 3 machines will each be used as separate 'parent/gold' VM's used to build pools. After deploying the template, i will manually change the computer name and then join the domain. I will finish installing applications separate and unique to each parent VM. (Using linked clones, no app volumes) In the past, i have always simply used Quickprep in the customization/recomposing stages of the pools. Are there any issues with this and possibly having duplicate computer SID's on the domain?
I'm currently on my first template being deployed, and would like to know prior to deploying the other 2... if there are issues down the line, it will be a lot of wasted time.
SIDs really aren't a factor any more so we shouldn't care if we have duplicates as long as we are running Sysprep at some stage (the OSOT runs this during the Generalize step).
You may want to read the post fro Microsoft: The Machine SID Duplication Myth (and Why Sysprep Matters) - Microsoft Tech Community - 723859
You can use the same master VM to create multiple pools, you can also choose to clone it to create alternative masters if that is what is needed. Note that you don't really need to join your master to the domain. The cloning and customization process that happens when you create pool takes care of the domain join.
So from the instructions i Generalize the Windows image prior to creating the template. The template i created is what i'm using to create these golden/parent VM's.
I just ran psgetsid across 2 that i created from the same template, and they have duplicate machine SIDs.
I don't have any intention on sysprepping these parent vm's after they have been created from the template since that's the whole purpose of creating that template.
Also, when building my pools, i use quickprep for recompse operations which apparently does nothing with the SIDs.
I have to join my parent VM's to the domain due to certain mappings requiring domain accounts to push an install of applications... it doesn't work any other way.
In this case now that you know my story, what can i do to get the SID changed on my parent VM? I've read through the article and it doesn't seem that the machine SID is really that much of a factor if any in this scenario. I still want to make sure each parent VM is unique.