packer-plugin-azure icon indicating copy to clipboard operation
packer-plugin-azure copied to clipboard
verified publisher icon hashicorp

Documentation Issue with Sysprep in Deprovision /mode:vm and IIS machine Key

Open makaanneo opened this issue 2 years ago • 0 comments

Overview of the Issue

Creating a Windows 2016 Server Image by using an Azure Base Image Windows 2016 Datacenter with IIS installation in packer build

Add a Deprovision code block at the end for Windows based on Documentation

Creating A Vm from the Image try to restart the IIS with

iisreset /restart

does not work error 'Invalid signature' error form IIS Admin Service

Reproduction Steps

Image Build from Azure base Image for Windows 2016 Datacenter

Installing IIS with some features ('Web-WebServer','Web-Scripting-Tools','Web-Mgmt-Console','Web-DAV-Publishing','Web-Http-Redirect','Web-Asp-Net45','Web-AppInit')

executing Deprovision command at the end of the Packer build

 provisioner "powershell" {
    elevated_password = var.install_password
    elevated_user     = var.install_user
    inline = [
      "if( Test-Path $Env:SystemRoot\\System32\\Sysprep\\unattend.xml ){ rm $Env:SystemRoot\\System32\\Sysprep\\unattend.xml -Force}",
      "& $env:SystemRoot\\System32\\Sysprep\\Sysprep.exe /oobe /generalize /quiet /mode:vm /quit",
      "while($true) { $imageState = Get-ItemProperty HKLM:\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Setup\\State | Select ImageState; if($imageState.ImageState -ne 'IMAGE_STATE_GENERALIZE_RESEAL_TO_OOBE') { Write-Output $imageState.ImageState; Start-Sleep -s 10  } else { break } }"
    ]
  }
}

(This is based on the example inside the Azure ARM Packer Plugin Documentation)

Packer build succeeds successful.

Use for Packer build another hardware setting to use for building (Azure VM SKU) then for the VM deployed afterward

Error occurs afterward by creating an Azure VM from the image, then the Machine key for the IIS is updated/broken Error on direct service startup:

Windows could not start the IIS Admin Service on Local Computer. service-specific error code -2146893818

Eventlog error:

Event 7024
The IIS Admin Service service terminated with the following service-specific error: Invalid Signature

Plugin and Packer version

From packer version

1.8.5

Operating system and Environment details

Windows Server 2022, Azure, Different hardware for VM from image and Image build

Suggested Change

change the documentation for Deprovision a Windows VM (the example) accordingly to remove the option /mode:vm in the documentation, according to Microsoft Documentation it requires the Image to be deployed with the same Hardware Profile.

makaanneo avatar May 05 '23 07:05 makaanneo