Windows XP linked-clone virtual machines can fail to join the domain if your Active Directory runs on Windows Server 2008.

Problem

When linked-clone machines are provisioned, the linked clones fail to join the domain. View Administrator displays View Composer provisioning error messages. For example:

5/17/10 3:11:50 PM PDT: View Composer agent initialization state error (18): Failed to join the domain (waited 565 seconds)

Cause

This issue can occur if your Active Directory runs on Windows Server 2008. The Windows Server 2008 read-only domain controller (RODC) is not backward-compatible with Windows XP virtual machines.

Procedure

  1. Check the View Composer log for the following error message:

    0x4f1: The system detected a possible attempt to compromise security. Please ensure that you can contact the server that authenticated you.

    By default, the View Composer log file is generated in the Windows Temp directory: C:\Windows\Temp\vmware-viewcomposer-ga-new.log

  2. On the parent virtual machine, apply the Windows Server 2008 RODC compatibility update for Windows XP.

    See Microsoft Support Article 944043 at the following location: http://support.microsoft.com/kb/944043/en-us.

  3. Take a snapshot of the updated parent virtual machine.
  4. Recompose the linked-clone machines from the updated parent virtual machine and snapshot.