Changing Active Directory OU Structure in View Deployments

I’m currently involved in a small VMware View project where I have to design everything, started from fileserver layout to group policies. After designing the organization units in Active Directory and binding GPOs to each of them, I realized that a lot of the GPOs are the same for every desktop group OU and it will be better to put them on top of these OUs. My current OU design is below.

View_OU

 

SO what will happen with View Composer VMs when I move one OU to a sub OU. Remember when using View Composer you have to specify the AD container under Guest Customization where your VMs will provision.

guestcustomization

 

In my case the AD container will change from OU=Shopname1,OU=Company,DC=domain,DC=local to OU=Shopname1,OU=Shop,OU=Company,DC=domain,DC=local.

 

Impact on Linked-clone operations

Refresh

A desktop refresh operation restores the OS disks to their original state and size. No Active Directory action is taken, because only the linked-clone snapshot is deleted and recreated.

Rebalance

A desktop rebalance operation redistributes linked-clone desktops among available datastores and can be used to migrate linked-clone desktops to another datastore. A rebalance refreshes also the linked-clone desktop. No Active Directoy action is taken as with the refresh operation.

Recompose

A desktop recompose operation simultaneously updates all the linked-clone desktops anchored to a parent virtual machine and creates new linked-clone desktop based on a new snapshot of the golden master virtual machine. The View composer user removes the computer accounts of the linked-clone desktops and recreates it with the new one. If the path to the OU is not correct the recompose process will not start and ends up in a non-meaningful error message.

changeou

 

You can open the vmware-viewcomposer.log, located at the server where the View Composer is installed (vCenter or Standalone). There you will find a more meaningful error message.

VMware.Sim.CommonLib.Exception.SimAdsException: The container or the computer account doesn’t exist. —> System.DirectoryServices.DirectoryServicesCOMException (0x80072030): There is no such object on the server.

Conclusion

Changing a OU with linked clones is possible as long as you will also change the settings of the Automated Pool. The only operation which is affected by the OU change is the Recompose process.

1 Response

  1. Harry says:

    Good post Manfred. Looks like this behavior has changed in Horizon 7.x

    I’ve issued a refresh command after changing the OU. Composer is now moving the computer objects automatically into the new OU.

Leave a Reply