I needed to convert a Windows Server 2012 instance into an AMI so that it could be deployed as part of an auto-scaling configuration.
My domain already existed and so I simply needed to grab the existing Sysprep2008.xml file from
And add in the following components under the respective sections.
Under the “Generalize” section.
<component name="Microsoft-Windows-Security-SPP" processorArchitecture="wow64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
Under the “Specialize” section.
<component name="Microsoft-Windows-UnattendedJoin" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<MachineObjectOU>OU=Session Hosts,OU=Servers,DC=MyDomain,DC=local</MachineObjectOU>
I then copied the modified sysprep file back into C:\Program Files\Amazon\Ec2ConfigService\sysprep2008.xml, overwriting the original template.
After that, I ran EC2Config as follows:
“Set Computer Name” – I may look into including my own custom naming convention at a later stage, but for the purposes of testing, this ensures my servers all have unique names.
“Shutdown with Sysprep” – Pretty obvious what this does.
Once Sysprep has run and the instance has shut down, you can then create an AMI from the instance and start having fun with auto-scaling.
A couple of gotchas – if you have a password with any kind of special characters within the sysprep file, EC2Config will crap out and report an error parsing EntityName.
Needs a little more investigation, but I changed the password to something a little more straightforward and it worked no problem.
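The "error parsing EntityName" message is what the .NET XML parser raises when an "&" in the file is not part of a valid entity reference, which is what happens when a password containing "&" is pasted into the XML unescaped. The PowerShell below is an added example, not from the original post: it reproduces the failure on a constructed credentials fragment (the svc-join account, the password and the element layout are assumptions) and shows two ways to write the value so the file still parses.

```powershell
# Constructed sample values: the account name and password are made up.
$password = 'Sp&!cial<Pw>1'

# Constructed stand-in for the credentials block of the sysprep answer file.
# Assumption: the real file declares a default xmlns, so XPath queries against
# it need an XmlNamespaceManager; this fragment omits the namespace for brevity.
$template = '<Credentials><Username>svc-join</Username><Password>{0}</Password></Credentials>'

function Test-XmlParses([string]$Text) {
    # Returns $true when $Text is well-formed XML, otherwise prints the parser error.
    try {
        $d = New-Object System.Xml.XmlDocument
        $d.LoadXml($Text)
        return $true
    } catch {
        Write-Host "Parse error: $($_.Exception.Message)"
        return $false
    }
}

# 1. Raw password pasted into the file: the '&' starts an entity reference
#    that never completes, so the document is rejected.
$rawXml = $template -f $password
"Raw paste parses:     $(Test-XmlParses $rawXml)"

# 2. Hand-editing: escape the value first (& < > " ' become entities).
$escaped = [System.Security.SecurityElement]::Escape($password)
$escapedXml = $template -f $escaped
"Escaped value:        $escaped"
"Escaped paste parses: $(Test-XmlParses $escapedXml)"

# 3. Scripted edit: set the text through the DOM, which escapes on output.
$doc = New-Object System.Xml.XmlDocument
$doc.LoadXml($template -f '')
$doc.SelectSingleNode('/Credentials/Password').InnerText = $password
"DOM output:           $($doc.OuterXml)"

# Round trip: the parser must hand back the original password unchanged.
$check = New-Object System.Xml.XmlDocument
$check.LoadXml($doc.OuterXml)
$roundTrip = $check.SelectSingleNode('/Credentials/Password').InnerText
"Round trip matches:   $($roundTrip -ceq $password)"
```

Either form lets the domain-join account keep a strong password; the value Windows reads back after parsing is the original string, not the escaped one.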
I’ll add a future post about my exploits with auto-scaling.