Fixing the “A fatal error occurred while trying to sysprep the machine” error

While running on System Preparation Tool (Sysprep) the following error message thrown.

Error :

System Preparation Tool 3.14


A fatal error occurred while trying to sysprep the machine.





1) Inside the Sysprep Unattend.xml file located at c:\windows\system32\sysprep, delete skiprearm=1 from the section. In order to edit the Unattend.xml file, you will need to slave the HDD onto a working machine in order to have access to a text editor for editing the file.

2) Under HKEY_LOCAL_MACHINE\SYSTEM\Setup\Status\SysprepStatus\, set GeneralizationState to 7

3) From an administrative command prompt, type the following

msdtc -uninstall

msdtc -install

4) Under HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SoftwareProtectionPlatform\, change SkipRearm to 1

5) Rerun the sysprep

Refer :


performance counter

typeperf “\Memory\Available bytes” “\processor(_total)\% processor time”

typeperf “\Process(*)\pool nonpaged Bytes” “\processor(_total)\% processor time” -o c:\diskctr.csv

m/d/yy h:mm:ss AM/PM;@

Add trusted sites via regedit

1. Login to <DC>
2. Goto GPMc.msc
3.Right click on Domain policy-v1.0.
Goto userconfiguration–>preferences–>windows Settings–>Registry–>Right Click–
>New–>registry item–>update as below:

Action: update
Key Path:Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap
Value Name:https
Value type:REG_Dword
Value data:2
Base: Select “Decimal”

Key Path:Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap
Value Name:https
Value type:REG_Dword
Value data:2
Base: Select “Decimal”
Apply–>ok–Close the policy editor Window

Add trusted sites via group policy

1. Login to Domain Controller “IP” and open GPMC.MSC Console
2. Right Click on GPO : “Policy ver1.0” And Select “Edit….”
3. In Group Policy Management Editor Expand :
4. User Configuration/Policies/Administrative Templates/Windows Components/Internet Explorer/Internet Control panel /Security Page/Site to Zone Assignment List
5. Enable and add the ULR http://* and value as “2”
6. Apply and ok
7. Force the replication “repadmin /syncall /APd”

Useful Parameters of Get-ClusterLog

have 4 nodes cluster in my lab named SRV1, SRV2, SRV3, SRV4.

  • Default command – generates Cluster.log file on ALL nodes in C:\Windows\Cluster\Reports folder. File name would be Cluster.log


  • if we want the cluster log to be generated for specific node(s) then we can use –Node parameter. We can put comma separated node names as shown below.

Get-ClusterLog -Node SRV1, SRV3

  • You might know that the time shown in cluster log is UTC be default. Sometimes its difficult to translate UTC time to local time, specially for time-zones which has daylight saving. Luckily, cluster log can be generated in local time using parameter UseLocalTime . Here is the sample code.

Get-ClusterLog –UseLocalTime

  • Another useful parameter is to copy the files to specific location. This command would generate logs and also dump on specified location. in below example, I am dumping logs from all nodes to C:\Temp folder.

Get-ClusterLog –Destination “C:\Temp”

  • TimeSpan is another parameter which can generate cluster log for last number of minutes specified. By default it would generate Cluster.log for complete time. I find it useful when I repro’ed a problem and I want to look at cluster log for last 2 to 3 minutes. Here is the command to generate log for last 3 minutes.

Get-ClusterLog –TimeSpan 3

So, this is my favorite command after reproducing cluster issue on local node.

Get-ClusterLog -Node SRV1 -TimeSpan 2 -UseLocalTime -Destination C:\

find remote machine IP details

PsExec.exe \\ -u sitescope -p ram@2017 cmd.exe

hostname && net localgroup “administrators” && ipconfig | find /i “IPv4 Address”

AD Search Scopes

AD Search Scopes

In AD we can define a scope for our search. In most of the examples we have seen we are starting at the root of the domain and searching every OU. This is the default – also known as a SubTree search i.e. it searches all children of the defined container.

This examples use Get-ADUser but we could use the Quest cmdlets or a script. But the provider is limited to the defined container or all child containers of the root.

$ou = “OU=BlogTests,DC=Manticore,DC=org”
$user = “cn=usera,OU=BlogTests,DC=Manticore,DC=org”

“`Default Scope”
Get-ADUser -ResultSetSize 3000 -SearchBase $ou -Filter * |
Format-Table Name, DistinguishedName

Get-ADUser -ResultSetSize 3000 -SearchBase $ou -SearchScope Base -Filter * |
Format-Table Name, DistinguishedName

Get-ADUser -ResultSetSize 3000 -SearchBase $ou -SearchScope OneLevel -Filter * |
Format-Table Name, DistinguishedName

Get-ADUser -ResultSetSize 3000 -SearchBase $ou -SearchScope SubTree -Filter * |
Format-Table Name, DistinguishedName

“‘nBase Examples”
“single user”
Get-ADUser -ResultSetSize 3000 -SearchBase $user -SearchScope Base -Filter * |
Format-Table Name, DistinguishedName

“single object”
Get-ADObject -ResultSetSize 3000 -SearchBase $ou -SearchScope Base -Filter * |
Format-Table Name, DistinguishedName

The scope options are:

  • Base
  • OneLevel
  • SubTree

SubTree is the defined container and all child containers – including their children etc

%d bloggers like this: