WimAsAService is still one of the most simple ways, to configure and build a customized Windows image which is fully patched and ready to use. These images can then be used as a base for your task sequences, directly installed on a device as an ISO or use the VHD to create new virtual machines.
If you have utilized the upload to a storage account mechanism and you tried to deploy a virtual machine based off a WimAsAService image, you might have noticed that you cannot connect to the virtual machine directly after setting up the resource.
This is due to the way we prepare our images and how Azure utilizes the built-in administrator account. During the sysprep phase, the built-in administrator will be disabled and can therefore not be utilized to initiate the Remote Desktop Session.
There is one easy fix that we can use – SetupComplete.cmd.
As all WimAsAService images, you can configure the image fitting for your use case. If you are simply deploying a single-session VM, select any of the supported Windows version available in the GLOBAL catalog. If you want to use the image within Azure Virtual Desktop, make sure to select a WVD-SKU as these include support for multi-session scenarios.
Next, we need to configure the PowerShell script that hooks itself into the SetupComplete process. Simply add a new PowerShell script and add it to the “Before sysprep” section:
The script itself creates a new PowerShell script within the %windir%\OEM folder which hooks itself into the custom script execution process. To make sure, that further SetupComplete scripts can be added in the future as well, the script also adds a hook to the next SetupComplete script.
Github Gist: SetupComplete – Enable Builtin Administrator · GitHub
And lastly, add the necessary configuration to be able to upload the generated VHD to the storage account of your choosing. You can find the required steps to configure the storage account as well as the SAS key within our wiki: WimAsAService Tutorials – Syntaro Help
Deploy your Azure VM
After WimAsAService has generated your image and the upload process to your storage account has succeeded, you can now deploy your Azure VM based off your WimAsAService image. To do so, you will need to create an Azure Image first, referencing your uploaded VHD. After you have created that image, simply deploy a new Virtual Machine and select the Image from your image list.
If you would have not included the simple logic of re-enabling the built-in administrator account through Setupcomplete, your sysprepped image would be running on your VM, but you would not be able to connect to the VM. Of course, there do exist fixes, the simplest one being the built-in password reset functionality. This not only resets the password but makes sure that the built-in account is active and part of the remote desktop services groups.
But as we utilized WimAsAService we were able to easily handle and configure this specific use case with the PowerShell script functionality that WimAsAService provides. After our VM has been setup, we can simply connect to the virtual machine with the previously configured credentials. Without the need to run a password reset first.
While this might only be an edge case you can see, that with the power of PowerShell, almost anything should be possible. We already blogged about a method of including the Autopilotprofile.json in your image to help customers with their move to the cloud.
Maybe you are already using some scripted logic in your image and think it should be part of WimAsAService or you are trying to build an automatic process but are blocked by our solution? Share your experience under the following here.