I use a domain-joined golden image for my Citrix VDIs.
I’d like to automate the Windows updating of this image every month on Patch Tuesday.
Is it cool to simply rebuild the image from scratch (every month) and just prior to joining it to the domain, reset the computer account within AD?
Otherwise, what do you do?
Hi,
I don’t use Citrix VDIs, but we have many Windows golden images for many services.
I have a “base” image build with vsphere-iso. It’s only “installation + updates”.
I have services images, like MSSQL, … that is build with vsphere-clone from the base image, it installs the services.
And we have a “syspreped image”, that is build with the vsphere-clone from the services images.
All builds are schedule by CI in gitlab. We have “archives” images if a new image does not work (if an Win update is breaking the service)
I don’t know if it helps you, but this is how I work.
Perhaps you can add a element in the chain “join to domain”