VM Template with customization not joining domain

trurodh · ‎01-16-2009

Hello

I have 2 ESXi hosts Version 3.5 U3 that are joined to a Virtual Center server 2.5 U3. They are in thier own datacenter and thier own cluster. This cluster is being used for our Windows XP workstations to either deploy individual VMs as well as a future VDI solution. We are also using Equallogic PS5500E iSCSI storage. All of the DNS and Routing configuration is correct.

The issue I am having as that when I deploy the XP VMs from a template (I have tried multiple templates that have worked in the past to ensure it is not the template) and use a customization spec that is set to have the VM join the domain, the VM fails to join the domain. The machine completes the cloneing process and changes the name and runs through the sysprep.

The log on the VM that is located in C:\windows\temp\vmware-imc show this at the end: (I removed the actual username and just replaced ti with domain\userid)

Deleted file C:\WINDOWS\system32\sysprepDecrypter.exe

Joining domain corp.bcidaho.loc using account Domain\userid and password '***'

The network location cannot be reached. For information about network troubleshooting, see Windows Help.

Retrying join operation with user = Domain\userid

The network location cannot be reached. For information about network troubleshooting, see Windows Help.

Rpci: Sending request='deployPkg.update.state 4 101 C:\WINDOWS\TEMP\vmware-imc\guestcust.log@The network location cannot be reached. For information about network troubleshooting, see Windows Help.

'

Rpci: Sent request='deployPkg.update.state 4 101 C:\WINDOWS\TEMP\vmware-imc\guestcust.log@The network location cannot be reached. For information about network troubleshooting, see Windows Help.

', reply='', len=0, status=1

The network location cannot be reached. For information about network troubleshooting, see Windows Help.

Customization in progress set to 0 at 2009-Jan-16 09:11:44

Rpci: Sending request='deployPkg.update.state 5 0 C:\WINDOWS\TEMP\vmware-imc\guestcust.log'

Rpci: Sent request='deployPkg.update.state 5 0 C:\WINDOWS\TEMP\vmware-imc\guestcust.log', reply='', len=0, status=1

SysprepDecrypter has unobfuscated the password successfully

The host messages log shows this information:

Jan 16 16:09:49 Hostd: Failed to validate VM IP address: unknown

Jan 16 16:09:53 vmkernel: 1:11:34:08.810 cpu3:3255)StorageMonitor: 196: vmhba32:5:0:0 status = 24/0 0x0 0x0 0x0

Jan 16 16:09:53 vmkernel: 1:11:34:09.220 cpu3:1027)StorageMonitor: 196: vmhba32:5:0:0 status = 24/0 0x0 0x0 0x0

Jan 16 16:10:01 crond[1395]: USER root pid 479331 cmd /sbin/decodeSel.sh #Every 10 minutes, translate the latest IPMI SEL data

Jan 16 16:10:40 Hostd: Failed to validate VM IP address: unknown

Jan 16 16:10:49 vmkernel: 1:11:35:05.108 cpu4:479146)Net: 4222: unicastAddr 00:50:56:9f:26:e5;

last message repeated 4 times

Jan 16 16:11:17 Hostd: Failed to

find activation record, event user unknown.

Jan 16 16:11:17 Hostd: Event 101 : An error occurred while setting up network properties of guest.

Please look into log file C:\WINDOWS\TEMP\vmware-imc\guestcust.log in guest for more information

Jan 16 16:11:17 Hostd: FormatField: Optional unset (vim.event.VmUuidAssignedEvent.vm)

Jan 16 16:11:17 Hostd: FormatField: Optional unset (vim.event.VmUuidAssignedEvent.host)

Jan 16 16:11:17 Hostd: FormatField: Optional unset (vim.event.VmUuidAssignedEvent.datacenter)

Jan 16 16:11:17 Hostd: Failed to validate VM IP address: unknown

Jan 16 16:11:38 Hostd: Failed to validate VM IP address: unknown

Jan 16 16:11:44 Hostd: Failed to

find activation record, event user unknown.*

Jan 16 16:11:44 Hostd: Event 102 : Customization of vm BLUEROOM-1 succeeded. Customization log can be

found at C:\WINDOWS\TEMP\vmware-imc\guestcust.log in guest*

Jan 16 16:11:44 Hostd: FormatField: Optional unset (vim.event.VmUuidAssignedEvent.vm)

Jan 16 16:11:44 Hostd: FormatField: Optional unset (vim.event.VmUuidAssignedEvent.host)

Jan 16 16:11:44 Hostd: FormatField: Optional unset (vim.event.VmUuidAssignedEvent.datacenter)

Jan 16 16:11:44 Hostd: Failed to validate VM IP address: unknown

I have searched the forums and will also be asking VMware to see if there is anyhting I am missing. Is there something with ESXi that is different from regular ESX that may cause this issue? Is the fact that there is not a SC perhaps responsible? The way I set up my network is I have 3 different Vswitches. 1 for the management network, one for the VMs themselves and one for iSCSI (Config below)

/var/log # esxcfg-vswitch -l Switch Name Num Ports Used Ports Configured Ports MTU Uplinks vSwitch0 64 4 64 1500 vmnic0

VM Network 0 0 vmnic0*
Management Network 0 1 vmnic0*

PortGroup Name VLAN ID Used Ports Uplinks

Production 0 34 vmnic1,vmnic2,vmnic5*

PortGroup Name VLAN ID Used Ports Uplinks

iSCSI 0 1 vmnic3,vmnic4*

PortGroup Name VLAN ID Used Ports Uplinks

Perhaps I am not supposed to separate the management network from the VMs?

If anyone sees anything that rings a bell in the above information I would certainly appreciate a response. It is driving me batty! I am able to join the domian fine once the vm is fully deployed, for some reason during the customization process the network is not getting setup to where it can pull a DHCP address. ell be something within our network causing the issues but thought I would see if anyone else came across this.

Thanks in advance for any help!

Rod Truslow

Troy_Clavell · ‎01-16-2009

I know this is a trivial answer to your well detailed post, but if your VM's are not pulling a DHCP address, then they will not be able to join the domain. You have your customization specs setup to allow the administrator to login at least once?

trurodh · ‎01-16-2009

Thanks Troy.

There in lies the problem , it should be pulling and it is not. Everything is set up to come to that end, but for some reason the portion where the network is setup during the customization to enable it to pull DHCP is not working. It should, but it is not ,and that is where the hair pulling is happening for me. I am hoping, that someone sees something in the log that I am overlooking. There is a portuion in the log that talkes about activation and that is puzzleing me as well. I am not sure if that is part of the issue as well.

Thanks though!

Rod

Troy_Clavell · ‎01-16-2009

you have your template's network adapter pointing the right network segment and the box for connect at power on is checked? You may want to convert the template to a VM, don't power it on, edit the settings and confirm everything is setup on the network adapter properly.

Dave_Mishchenko · ‎01-16-2009

Dave Mishchenko

VMware Communities User Moderator

Your discussion has been moved to the VI: Virtual Machine and Guest OS forum.

srinivasaddagat · ‎06-23-2009

I am facing similar problem. The same templates when moved to a different cluster of ESX hosts is working fine and the VMs are joing to domain. But the same template when kept in this cluster is not working fine. The VMs are failing to join to domain though the customization runs and the machine name changes accordingly.

I am sure there is no issue with the templates. It would be great if someone points me to the right solution.

Thanks

RobMokkink · ‎06-23-2009

The problem with sysprep and static ip's is that when the static ip address get set on the nic, a domain join is also executed.

An easy way to get around this, is to use the autologon with a Run Once script. Place the script in your template machine, make sure it get's deleted afterwards.

srinivasaddagat · ‎06-24-2009

There is a security concern her. To run the script to join the VM to domain, I need to give the credentials in the script. Frequently, we update the template with latest updates & applications if necessary and hence we dont want the credentials to be mentioned in the script which would be easily accessible if you convert it to VM.

Thanks

RobMokkink · ‎06-24-2009

You can use powershell so to create an encrypted password file or other utils like autoit. And the VM's are templates, no one else besides some administrators can convert them or power them on.