Posted by As part as our provisioning process on Windows VMs in vCloud, we modify the guest customization section of VMs to add the provisioning user to the local administrators group. A stripped down version of the customization section on the VM looks like:
if “%1%” == “precustomization” (
goto end
) else if “%1%” == “postcustomization” (net localgroup administrators domain\user /add
)
:end
When the VM finished customizing, the provisioning user was not added to the local administrators group and the guest customization log (C:\windows\temp\customization-guest.log) file would contain the error:
System Error 1789 has occurred. The trust relationship between this workstation and the primary domain failed.
I could then manually add the user to the local administrators group with the command “net localgroup administrators domain\user /add” and received no error.
The VM was being joined to the domain via vCloud’s Domain Join functionality.
Since I was able to add the user manually, the trust relationship appeared to be OK and it seemed to be a timing issue. To test this I put a delay before attempting to add the user to the group:
if “%1%” == “precustomization” (
goto end
) else if “%1%” == “postcustomization” (timeout 15
net localgroup administrators domain\user /add
)
:end
The user was then successfully added to the group and the error hasn’t came back since.
orchestration.io 