• Clone virtual machines (without vCenter)
• VMRC console presentation

When you clone a virtual machine and want to use the new virtual machine at the same time as the source virtual machine, it's important that they are unique.
Not just on your hypervisor (VMware ESXi in this case), but also on the network.
For this, when you clone a virtual machine with Windows or Windows Server as a guest operating system, it's important to perform some additional operations for these virtual machines to be also unique on the network (in particular its NETBIOS name, its Security Identifier (SID), ...).

1. Cloning a virtual machine with a client version of Windows as a guest OS
2. Cloning a virtual machine with a server version of Windows as a guest OS

1. Cloning a virtual machine with a client version of Windows as a guest OS

For this tutorial, we will be using a virtual machine with Windows 10 v2004 x64 as the guest operating system.

As you can see, the MAC address of this virtual machine is : 00:0c:29:9b:99:52.

Although VMware ESXi doesn't provide an option to clone a virtual machine WITHOUT using VMware vCenter Server, it's still possible to do so in a number of ways.
To do this, refer to our tutorial "VMware ESXi 6.7 - Clone virtual machines (without vCenter)".

Using one of the techniques presented in the tutorial cited above, we created a copy of our "Win 10 v2004 x64" virtual machine and named it : Win 10 v2004 x64 - Clone.

However, if you look at the MAC address of the network card of this second virtual machine, you can see that it's the same MAC address.
The problem is, a network adapter's MAC address is a physical address that is supposed to be unique per network adapter (even if you buy 2 of the same model).
In addition, your switch uses it to know with whom to speak (thanks to an ARP table which contains the correspondences between the MAC addresses "xx:xx:xx:xx:xx:xx" and the IP addresses "xxx.xxx.xxx.xxx" that he knows).
If 2 computers have the same MAC address, the switch will not know the difference between these 2 computers.

Fortunately, to solve this problem, you will only need to start the new virtual machine at least once.
On the 1st start of this one, your VMware ESXi hypervisor will detect that this virtual machine has been moved or copied.
For a new MAC address to be assigned to this virtual machine, all you have to do is answer "I Copied It".

The virtual machine starts normally.

Now, if you check the MAC address of this new virtual machine, you will see that it has changed automatically.
For the switch, the network problem is therefore resolved.

However, you should also remember to change the computer name in the guest operating system when it comes to Windows.
This is because each Windows computer has a different name called "NETBIOS Name".
This name is used in various cases and in particular when you want to access this computer's shared folder from another computer on the network.

If 2 Windows computers have the same name, then there will be a conflict and this will cause problems for different Windows features.

You should also know that each Windows computer has a unique Security Identifier (SID).
To see it, just download the "PsGetSid" program available on the Microsoft site.

Once this program is downloaded, unzip the downloaded file and open a command prompt (cmd.exe).
Then, go to the "PSTools" folder that appeared and launch the file : PsGetsid.exe.

As you can see, the SID is the same on the source VM and on the new VM.
This can therefore pose a problem in some cases and in particular if you try to join the 2 virtual machines to the same Active Directory domain or if you try to access network shares.
Indeed, given that they have the same Security Identifier (SID), an error will appear when you try to join the 2nd virtual machine to your Active Directory domain.

Additionally, VMware recommends that you change the SIDs after copying a virtual machine to avoid various problems.
Source : Windows SID needs to be changed after copying a virtual machine directory (1000528).

To change the SID of a computer on Windows, all you have to do is go to the "C:\Windows\System32\Sysprep" folder of Windows, then launch the "sysprep.exe" file.

Important : check the "Generalize" box for the SID to be changed, then click OK.
Thus, sysprep will change the security identifier (SID) of this virtual machine and make your virtual machine on Windows unique.

Note that it's better to run sysprep before installing some software to prevent an error from occurring.

Sysprep performs some actions, and then your Windows virtual machine will restart automatically.

Depending on your version of Windows, some steps will appear to suggest you choose your country, your language, ...

Once the configuration steps have been completed, you will be taken to your Windows desktop.

If you display the computer name of your virtual machine, you will see that it will have been changed.
So, your virtual machine now has an unique computer name (NETBIOS name) on your network.

If you re-run the previously downloaded "PsGetsid" utility, you will see that the SID has changed.
This resolves the problems of joining an Active Directory domain, access to network shares, ...

2. Cloning a virtual machine with a server version of Windows as a guest OS

When you clone a virtual machine whose guest operating system is "Windows Server", it's even more important to make your virtual machines unique.
For this, we created a virtual machine on Windows Server 2016 x64 (but the version of Windows Server used doesn't matter).

As you can see, our "WS 2016 x64" virtual machine has a network adapter with a MAC address "00:0c:29:a3:08:73".

We then created a copy of our "WS 2016 x64" virtual machine which we named "WS 2016 x64 - Clone".

If you are observant, you must have realized that VMware ESXi didn't offer an option to clone a virtual machine from its web interface.
However, there are several unofficial techniques that can be used to do this WITHOUT using VMware vCenter Server.
If you are interested, refer to our tutorial : VMware ESXi 6.7 - Clone virtual machines (without vCenter).

As you can see, our "WS 2016 x64 - Clone" virtual machine has a network adapter with the same MAC address as our source virtual machine.
This will create a conflict on the network and prevent your switch from speaking correctly with your 2 virtual machines. Indeed, for him, there will be only one machine since the MAC addresses of the network adapters are supposed to be unique physical addresses per network adapter (even if they are of the same model).

To resolve this MAC address conflict, simply answer "I Copied It" when you launch the new virtual machine.

The virtual machine will start correctly.

If you check its MAC address, you will see that it will have changed automatically.
The problem of a single MAC address on the network is therefore quickly resolved.

On the other hand, when you use servers on Windows Server, it's also imperative that they have an unique security identifier (SID).
However, if you download and launch the utility "PsGetSid" from Microsoft on your 2 virtual machines on Windows Server, you will quickly see that this security identifier (SID) is identical on them.
Which will very quickly pose a problem.

In fact, in an Active Directory infrastructure, each computer and each server must have an unique security identifier (SID).
If this is not the case, an error message will appear when you try to join the second server to the same domain as the 1st server.

Plain Text

The following error occurred attempting to join the domain "informatiweb.lan":

The domain join cannot be completed because the SID of the domain you attempted to join was identical to the SID of this machine. This is a symptom of an improperly cloned operating system install. You should run sysprep on this machine in order to generate a new machine SID. Please see https://go.microsoft.com/fwlink/?LinkId=168895 for more information.

It's for this reason that VMware recommends that you change the SIDs of your Windows and Windows Server virtual machines when you copy them.
Source : Windows SID needs to be changed after copying a virtual machine directory (1000528).

As Microsoft very kindly indicates to you, to solve the problem, you will have to run the "sysprep" utility present in the "C:\Windows\System32\Sysprep" folder.

In the system preparation tool (Sysprep) that appears, check the "Generalize" box and click OK.

Important : you must check the "Generalize" box for the security identifier (SID) to be changed.

Wait while Sysprep performs some background actions.

Then, your virtual machine will restart.

Some configuration steps will appear.
Note that these steps change from one version to another of Windows Server.

Among these configuration steps, you can in particular set the password for the Administrator account of this virtual machine again on Windows Server.

Once the configuration steps are complete, you will be taken to your desktop.
Go to Windows Server system information and you will see that the computer name has been changed to be unique on your network.

If you restart the previously used "PsGetSid.exe" user, you will see that your server now has a new SID (security identifier).

Note that Sysprep has also reset other custom settings, including your server's network configuration.
If necessary, reconfigure these. But, be careful not to reuse the same IP address as on the source VM (if applicable).

Now, the problems of joining an Active Directory domain will be gone.
For this tutorial, we created an Active Directory domain on our 1st server and we tried to join the 2nd server to this Active Directory domain.

As expected, the message "Welcome to the informatiweb.lan domain" appears.

And once the server is restarted, we can see that it's now part of it.