Weird problem with FOG & Sysprep Win 7 x64 Pro universal image …



  • Server
    • FOG Version: 1.4.2 - SVN Revision: 6072
    • OS: Debian 8
    Client
    • Service Version: FOG SmartInstaller : version 0.11.12
    • OS: Windows 7 PRO x64
    Description

    Hi all,

    I’m working on my Win7x64 Golden Image and have a strange issue.

    First, I would like to describe my environement and my test environement …

    • All drivers, scripts and images are on a NAS

    I use 2 Windows 7 PRO x64 images on a o7010 computer (same error with HP8000) :

    • Small win7 image used to test scripts, drivers injection and other things … Windows updated to may 2017. No GPO.
    • Golden win7 image with all softwares, all updates and all GPO for our domain.

    I use SYSPREP and the same unattend file for both images.

    • no antivirus program on the images

    Before i capture the image (same process for the both image), i run sysprep with an fonctionnal unattend xml file.

    After a deploy, i use PostdownloadScript to :

    • put .cab drivers into the C:\Windows\DRV folder (with the registry hack to add this value in … the device path …)
    • add some registry keys to join our samba domain (like DomainCompatibilityMode, DNSNameResolutionRequired etc …)
    • copy a unattend.xml NAS file into the C:\Windows\Panther folder
    • hack the unattend.xml (with sed tool) to set ComputerName, Password, MachineObject … with FOG values (domain jonction checked in the GUI)
    • copy the antivirus folder on C:\ for a installation at the SetupComplete.cmd process (msi method)

    In the Golden image, all reg keys has already modified before capture the image.
    Not on the small Win7 image.
    But, for futur, if i need to add / modify a regsitry value without rebuild image, i use fog to do that …

    In the Golden image, i set the GPOs.
    I set no GPO on the small test image.

    So … if i deploy the small image on the computer, the SYSPREP works fine.
    If i deploy the Golden Image on the computer, i have an error during the SYSPREP (rember, it’s the same unattend file … and same DVD installation source).
    My first things : maybe it’s the unattend file …. but i tried an other test …
    On my virtual machine, i open the unattend.xml and manually set the computerName … and i reboot.
    The unattend works fine …
    What the hell is going on ?
    I saved all logs of the Golden image sysprep.
    I found an error into the C:\Windows\Panther\setupact.log :

    2017-06-16 13:00:40, Info IBS Callback_Specialize: Internal Providers Specialized Failed. System can’t proceed to handle Internal Providers
    2017-06-16 13:00:40, Info IBS Callback_Specialize: Specialize return: [1627]
    2017-06-16 13:00:40, Error [0x060435] IBS Callback_Specialize: An error occurred while either deciding if we need to specialize or while specializing; dwRet = 0x65b

    I compare the 2 images before caputre (i used the snapshot feature) for the licence count and the both said « 1 ».

    If it was not a FOG issue, the SYSPREP will not work with the small image & VirtualBox image … no ?

    What do you thinks about that ?

    fog.postdownload :

    # verifier si l image est sysprepee ou non ...
    unattendWin7="/ntfs/Windows/System32/sysprep/unattend_win7x64.xml"; # dirty way to determine si image universelle ou non ...
    if [ -f "$unattendWin7" ]; then
    	echo "Image Universelle"
    	        . ${postdownpath}fog.drivers
    	        . ${postdownpath}fog.ad
    	        . ${postdownpath}fog.registry
    	        . ${postdownpath}fog.antivirus
    fi
    

    fog.registry :

    ## Preparation variables & path ... cles DomainCompatibilityMode, DNSNameResolutionRequired ... ruche SYSTEM ##
    regfileSYSTEM="/ntfs/Windows/System32/config/SYSTEM"
    ## DomainCompatibilityMode ##
    keyLanmanWorkstationParameters="ControlSet001\services\LanmanWorkstation\Parameters"
    keyDomain="DomainCompatibilityMode"
    keyDomainValue="0x1"
    ...........................................
    ...........................................
    ## Edition du registre, ruche SYSTEM avec les variables definies precedemment ... ##
    reged -e "$regfileSYSTEM" &>/dev/null <<EOFREG
    cd $keyLanmanWorkstationParameters
    nv 4 $keyDomain
    ed $keyDomain
    $keyDomainValue
    nv 4 $keyDNS
    ed $keyDNS
    $keyDNSValue
    q
    y
    EOFREG
    reged -e "$regfileSYSTEM" &>/dev/null <<EOFREG
    ......................................................
    ......................................................
    EOFREG
    
    echo -e "...................................."; 
    echo -e "...................................."; 
    echo -e "...................................."; 
    echo -e "\b\b\b\b\b\b\b\b\b\b\b${ceol}Registry Hack done ! Clés registres ajoutées !"; # this just removes "In Progress and replaces it with done :-)"
    
    
    

    fog.ad :

    #!/bin/sh
    # copie du fichier unattend depuis le NAS vers le dossier Windows ...
    cp -f /images/postdownloadscripts/unattend_win7x64.xml /ntfs/Windows/Panther/unattend.xml
    
    # suppresion d'un eventuel SetupComplete existant dans le dossier Windiws ... (sensible a la casse ...)
    rm -f /ntfs/Windows/Setup/Scripts/*etup*omplete.*
    # copie du fichier SetupComplete depuis le NAS vers le dossier Windows ...
    cp -f /images/postdownloadscripts/SetupComplete.cmd /ntfs/Windows/Setup/Scripts/SetupComplete.cmd
    
    hostadpwd="PASSWORD"; #only downside to this method- this is the plain ad password
    unattend="/ntfs/Windows/Panther/unattend.xml";
    if [ -f "$unattend" ]; then
        dots "Preparing Sysprep File";
    # suppression d'un eventuel fichier unattend dans le dossier sysprep ... pour que Windows cherche uniquement le unattend.xml dans le dossier Panther
        rm -f /ntfs/Windows/System32/sysprep/unattend*.xml;
        echo "Done";
        dots "Writing Computer Name";
        sed -i "/ComputerName/s/*/$hostname/g" $unattend
        echo "Done";
        dots "ComputerName Set To";
        echo $hostname
        dots "Set PC To Join The Domain";
        if [ "$addomain" != "" ]; then
            sed -i "/<JoinWorkgroup>/d" $unattend
            sed -i -e "s|<Password></Password>|<Password>${hostadpwd}</Password>|g" \
                -e "s|<Username></Username>|<Username>${addomain}\\\\${aduser}</Username>|g" \
                -e "s|<MachineObjectOU></MachineObjectOU>|<MachineObjectOU>${adou}</MachineObjectOU>|g" \
                -e "s|<JoinDomain></JoinDomain>|<JoinDomain>${addomain}</JoinDomain>|g" $unattend
            echo "Done";
        else
            echo "Skipped";
        fi
    fi```


  • My bad …
    After many waste of time to find the culprit, i finally found it … : me !
    Why ?
    Because i realized many many MANY tests (upload task, download task) to create my best-dream-universal-win7x64-image …

    So … i simply forgot to disable FOG service BEFORE ran sysprep on the Golden Image … (did it in the small test image)

    Now, the Sysprep works fine …

    But now, i know all sysprep logs … :

    • cbs.log
    • setup.etl
    • session.xml
    • setupact.log in Windows folder
    • setupact.log in Windows\Panther folder
    • setupact.log in Windows\Panther\unattendGC folder
    • setupapt.dev in Windows\inf
    • setupapt.offline in Windows\inf
    • setuperr in Windows\Panther …

    Shame on me !


  • Moderator

    I read through this and was just thinking - so many places for some problem to happen. As always with troubleshooting - eliminate the variables.

    I would recommend building a new image - try to sysprep it & capture. if this works, add the next component - try to sysprep & capture. If that works, continue to add a component at a time. To save you time in all these test steps, I would recommend installing & patching a clean Win7 OS and capturing that. For each test, deploy this image back to the computer it came from and tweak, just be sure to capture to a different image and not this one, does that make sense? You have to tear this process apart down to the pieces to figure out where the issue is.


Log in to reply
 

Looks like your connection to FOG Project was lost, please wait while we try to reconnect.