VMware Cloud Community
SCampbell1
Enthusiast
Enthusiast

Disable NIC during OS Customization of a Windows VM?

Does anyone know a way to prevent the NIC on a Windows VM from changing from StartConnected=$false/Connected=$false (desired state) to StartConnected=$true/Connected=$true as the OS Customization Spec is applied on first startup?  As soon as the VIEvent shows the customization has started, the NIC state is changed.

There is some Antivirus network communications stuff inside the template, and if the VM connects too soon, the AV database gets screwed up.  We need the NIC in the template to allow patches to be applied, and prefer not to delete/add the NIC because of internal Windows device issues, and not remove the AV software from the template and add it after the deployment.

Deleting the NIC Mapping from the Customization Spec fails.  There is no setting I can see to just leave the NIC alone but maybe there is something in the MoRef world that I haven't seen.

Setting "Nic".AllowGuestControl=$false doesn't achieve this goal.

The approach we're now considering is attaching the VM to a dead-end dvSwitch-based portgroup, starting the VM, then connecting to the "real" portgroup after.  This creates a dependency on the vCenter configuration and vSphere servers to publish that portgroup all over the place.  Unpleasant but manageable.

We could also watch VIEvents during the first startup and turn the NIC off as soon as we see it come on.  That seems risky since the VM will be connected to the network for a little while.

Environment is PowerCLI 6 connecting to vCenter 5.5

Anyone have any thoughts?

Thanks very much for for this....

Reply
0 Kudos
2 Replies
aaron416
Enthusiast
Enthusiast

Would it be possible to set the NIC to not start connected after applying the configuration and before powering up the VM for the first time? Roughly this is what I mean (though it can probably be written better):

deploy template, apply OS customization spec

get-vm $newVM | get-networkadapter | set-networkadapter -startconnected:$false

get-vm $newVM | start-vm

Besides that, another way may be to update the customization spec to have the NIC be disconnected and then connect it afterwards.

Reply
0 Kudos
SCampbell1
Enthusiast
Enthusiast

Hi Aaron,

Thank you very much for your reply.

Your proposed sequence is exactly what I tried, so it is good to have some confirmation

  • Deploy the template
  • Apply the OS customization spec
  • Set the NIC to start disconnected
  • Turn on the VM.  If you watch the VIEvent log for the VM you can see exactly when the OS customization spec (sysprep I assume) start event happens and at that moment the NIC is attached to the network and set to start connected.

I couldn't find a way to control the NIC in the OS customization spec.  If you delete the NIC mapping for the spec, the power on fails.  The settings in the NIC mapping that I could see basically allow you to set DHCP, static addresses, use the vsApplication or prompt the user.  You can't control the nic connectivity.

I might explore including a step in the sysprep process to disable the NIC inside the guest, then enable it later on.  However for now, I'm just attaching the NIC to an isolated portgroup during that initialization, then setting the start disconnected, disconnect and portgroup back when that finishes.

Thanks again!

Reply
0 Kudos