I'm currently trying to deploy a Domain Controller using terraform and packer. I built a Windows Server 2016 template where I installed an Active Directory domain controller.
Here is how I deploy the VM:
resource "vsphere_virtual_machine" "Active_Directory" {
name = "Active Directory"
num_cpus = 2
memory = 4196
datastore_id = data.vsphere_datastore.datastore.id
host_system_id = data.vsphere_host.host.id
resource_pool_id = data.vsphere_resource_pool.pool.id
guest_id = data.vsphere_virtual_machine.template_win2016.guest_id
scsi_type = data.vsphere_virtual_machine.template_win2016.scsi_type
# Configure network interface
network_interface {
network_id = data.vsphere_network.AD_network.id
}
disk {
name = "Active Directory.vmdk"
size = "35"
}
# Define template and customisation params
clone {
template_uuid = data.vsphere_virtual_machine.template_win2016.id
customize {
windows_options {
computer_name = "DomainControl"
}
network_interface {
ipv4_address = "192.168.7.2"
ipv4_netmask = 24
}
ipv4_gateway = "192.168.7.1"
}
}
}
And the deployment fails with this error:
╷
│ Error:
│ Virtual machine customization failed on "/XXXX/vm/Active Directory":
│
│ timeout waiting for customization to complete
│
│ The virtual machine has not been deleted to assist with troubleshooting. If
│ corrective steps are taken without modifying the "customize" block of the
│ resource configuration, the resource will need to be tainted before trying
│ again. For more information on how to do this, see the following page:
│ https://www.terraform.io/docs/commands/taint.html
│
│
│ with vsphere_virtual_machine.Active_Directory,
│ on 061-Active Directory.tf line 6, in resource "vsphere_virtual_machine" "Active_Directory":
│ 6: resource "vsphere_virtual_machine" "Active_Directory" {
│
On the screen of the VM, there is this message "Windows Setup could not configure Windows to run on this computer's hardware"
There is no error in C:\Windows\Temp\vmware-imc. In C:\Windows\Panther\setuperr.log:
2021-04-29 08:10:19, Error [0x0f0082] SYSPRP ActionPlatform::LaunchModule: Failure occurred while executing 'CryptoSysPrep_Specialize' from C:\Windows\system32\capisp.dll; dwRet = 0x32
2021-04-29 08:10:19, Error SYSPRP ActionPlatform::ExecuteAction: Error in executing action; dwRet = 0x32
2021-04-29 08:10:19, Error SYSPRP ActionPlatform::ExecuteActionList: Error in execute actions; dwRet = 0x32
2021-04-29 08:10:19, Error SYSPRP SysprepSession::Execute: Error in executing actions from C:\Windows\System32\Sysprep\ActionFiles\Specialize.xml; dwRet = 0x32
2021-04-29 08:10:19, Error SYSPRP RunPlatformActions:Failed while executing SysprepSession actions; dwRet = 0x32
2021-04-29 08:10:19, Error [0x060435] IBS Callback_Specialize: An error occurred while either deciding if we need to specialize or while specializing; dwRet = 0x32
In C:\Windows\System32\Sysprep\Panther\setuperr.log:
2021-04-29 08:08:55, Error SYSPRP setupdigetclassdevs failed with error 0
2021-04-29 08:08:55, Error SYSPRP MRTGeneralize:98 - ERROR: Failed ConnectServer
I figured that 0x32 means "The request is not supported." (source:https://learn.microsoft.com/en-us/windows/win32/debug/system-error-codes--0-499-) but I don't understand what's going on. I guess the problem is related with MSRT, but i didn't find any similar bug about "Failed ConnectServer"
I tried to run a Windows update on the VM and change from Windows2016 to Windows2019, but nothing seems to work. Does anyone have an idea of what causing this problem ? Does Sysprep need a network connection to work ?
Edit: I also tried to use a custom minimal sysprep answer file, but I get exactly the same errors.
The first error was due to windows services that doesn't really have place in a Windows Server (like XboxGameSave). I just had to stop and disable those services. For the second error, it was Windows Defender that was to blame here. It appears that Antivirus in general tend to throw similar error.
Nevertheless, for some (still) unknown reason, these errors are still happening. With some luck, I should edit the answer later when answers are found.