February 9, 2011 Leave a comment
After the upgrade to VMware View 4.5, I wanted to test a Desktop pool with the new View Agent and Windows XP installed as Guest OS. But when the composer finished his job, it finished with a provisioning error:
So after a quick search I found out that this issue is documented on page 286 from view45_admin_guide.pdf:
Windows XP linked-clone desktops can fail to join the domain if your Active Directory runs on Windows Server 2008.
When linked-clone desktops are provisioned, the linked clones fail to join the domain. View Administrator displays View Composer provisioning error messages. For example:
5/17/10 3:11:50 PM PDT: View Composer agent initialization state error (18): Failed to join the
domain (waited 565 seconds)
This issue can occur if your Active Directory runs on Windows Server 2008. The Windows Server 2008 readonly domain controller (RODC) is not backward-compatible with Windows XP virtual machines.
1 Check the View Composer log for the following error message:
0x4f1: The system detected a possible attempt to compromise security. Please ensure that you
can contact the server that authenticated you. By default, the View Composer log file is generated in the Windows Temp directory: C:\Windows\Temp \vmware-viewcomposer-ga-new.log
2 On the parent virtual machine, apply the Windows Server 2008 RODC compatibility update for Windows XP. See Microsoft Support Article 944043 at the following location:
3 Take a snapshot of the updated parent virtual machine.
4 Recompose the linked-clone desktops from the updated parent virtual machine and snapshot.
You can also find the solution on kb.vmware.com:
This issue occurs when Windows XP desktops fail to join the Windows 2008 Active Directory domain.
To resolve this issue:
- Ensure that the Windows XP Master is updated with the latest Microsoft patches.
- Ensure that the Windows Server 2008 read-only domain controller (RODC) compatibility pack for Windows Server 2003 and Windows XP clients is installed in the master virtual machine.
For more information and to download the patch, see the Microsoft Knowledge Base article 944043.
Note: The preceding link was correct as of January 28, 2011. If you find the link is broken, provide feedback and a VMware employee will update the link.
After applying the patch, create a new snapshot for use with linked clone pools or convert the virtual machine to a template for full clone or deployment using Sysprep.
After applying the latest Windows XP updates and the patch mentioned above. I was able to deploy the XP desktop pool again. So if you are deploying View desktop with Windows XP in a Windows 2008 domain. Install the patch mentioned in KB944043.
Note. I saw this issue only on desktops with the latest View 4.5 agent installed. The desktop pool with the View 4.0 agent did work as expected.