VMware Mirage 5.3 Release Notes

VMware Mirage 5.3 | 3 March 2015

These release notes cover the following topics:

About VMware Mirage

VMware Mirage offers a unique solution for managing physical or virtual desktops and laptops, and for BYO users, combining centralized management for IT and local execution for end users. When Mirage is installed on a Windows PC, it centralizes a complete virtual copy of that end point to the data center and keeps it synchronized. The synchronization includes changes from a user's Windows PC being uploaded to the data center, and changes from IT being downloaded and applied directly to the user's Windows PC. Mirage enables central image management of desktops while still allowing local execution at the user end point.

What's New in Mirage 5.3?

Mirage 5.3 introduces features that improve management of Mirage components. Included are the following new features and improvements:

  • Administrators can perform bare metal provisioning on endpoints that do not have an operating system installed. Bare metal provisioning bypasses a full Windows installation.
  • Mirage supports managing multiple platforms, including Windows Embedded for Point of Service (WEPOS), POSReady 2009, and POSReady 7 operating systems.
  • Mirage supports automated backup and full disaster recovery for devices running Windows Embedded POSReady operating systems.
  • Administrators can perform OS migration operations using Mirage PowerCLI.
  • Administrators can automate endpoint provisioning and perform various CVD operations using Mirage API or Mirage PowerCLI.
  • The Mirage Web Management console has an Image Manager role. Users with the Image Manager role can perform the following role-based tasks.
    • Provision endpoints
    • Create and manage reference machines
    • Capture, assign, and manage base layers and application layers
    • Manage system tasks
  • The Web console for the Mirage Gateway server includes several features that enable a more efficient installation and configuration process.
    • Additional validations for importing certificates to ensure the certificates are correctly generated.
    • Administrators can provide a user name instead of the full LDAP path syntax for an LDAP bind user.
    • Administrators are prompted to change the default password for the Mirage Gateway server during the first login.

Known Limitations with Mirage 5.3

The following limitations are known in this Mirage release.

  • Mirage supports up to 1,000,000 files per CVD on 32-bit systems. There are no file limits on 64-bit systems.
  • Local user profiles on a reference machine are deployed only in a base layer when used in Windows 7 migration or base layer provisioning. In image assignment and layer updates, only the default local user profile is deployed. Applications that require the creation and use of local user profiles are not suitable for inclusion in a base layer or an application layer.
  • During the streaming restore process, applications cannot access offline files before the Mirage service has started, which might impact their normal operation. You can extend the minimal restore setup to accommodate these specific applications. For further information, see the VMware Mirage Administrator's Guide.
  • All changes to the CVD on the server (base layer assignment, policy change) only propagate to the client on the next synchronization interval (by default, 1 hour, customizable by policy). Use the Sync Device action from the Mirage Management console or the Sync Now action from the endpoint device to force synchronization.
  • If the account password for a machine has expired after a restore operation, you might not be able to connect to the domain. This is a known issue with Active Directory and backups. See http://support.microsoft.com/kb/175468.
  • Mirage requires the default Windows Shadow Copy Provider 1.0. Use the line: vssadmin list providers command to view the VSS providers installed on the computer.
  • You cannot use the Windows Fast User Switching option. You must disable this option on the endpoint and reference machines before capturing a base layer.
  • Mirage only uploads and stores the main NTFS stream of a file. All other streams are not uploaded to, or restored from, a CVD.
  • Changes to a .pst file are uploaded from the endpoint into the CVD once a day. To ensure that the .pst file is successfully uploaded to the CVD before you perform a restore operation of a CVD to a new hardware, type zeroes in the LastFullUploadTicks value in the registry:
    HKEY_LOCAL_MACHINE\SOFTWARE\Wanova\Mirage Desktop Service\LastFullUploadTicks = 00 00 00 00 00 00 00 00
    and click Sync Now.
  • You cannot apply a base layer to an endpoint that removes or installs Kaspersky antivirus software. See http://kb.vmware.com/kb/2048424 for additional details and a solution.
  • When restoring a CVD that does not have Sophos SafeGuard Encryption installed to a machine that does have SafeGuard installed, the restoring procedure might fail. See http://kb.vmware.com/kb/2081607 for additional details and a solution.
  • If you work with multiple volumes, note the following:
    • Content of non-fixed drives (network maps, volatile devices such as Disk-on-key) is not uploaded to the server.
    • When you assign a base layer or an application layer to the endpoint, Windows fixed-drive letters on the endpoint must be the same as on the reference machine from which the base layer or app layer was captured. (For example, it cannot be C: on a CVD and D: on a base layer.)
    • By default, only the system volume is uploaded to the CVD. You can add volume drive letters to the upload policy to upload additional volumes.
  • You cannot deliver a SQL server in an app layer.
  • You cannot update a SQL server application using a Mirage base layer update or app layer update.
  • When reverting to Windows XP after an OS migration from Windows XP to Windows 7, 802.1X settings might not be preserved.
  • Mirage only supports delivery of a full Microsoft Office suite to endpoints that do not already have a Microsoft Office suite installed.
  • You cannot deliver two, full Microsoft Office suites in different layers.
  • Scenarios in which an endpoint has more than one version of a full Microsoft Office suite are not supported by Mirage.
  • Windows system restore points do not work on machines that have Mirage installed.
  • When you migrate operating systems on machines that have McAfee Endpoint Encryption installed, you must first perform one of the following procedures.
    • Decrypt the machine before the migration.
    • Centralize the machine, perform a bare metal provisioning procedure that includes user-profile migration, and perform a user-profile migration procedure from the CVD to the machine.
  • You cannot deploy different versions of Microsoft Office applications in different layers as part of the same deployment procedure.
  • You cannot perform migration operations and layer update operations on machines running Check Point Endpoint Full Disk Encryption.
  • Mirage does not support EFS-encrypted files on WEPOS.
  • Mirage decrypts EFS-encrypted files that were captured in the base layer as part of bare metal provisioning.

Issues Addressed in this Release

The following issues have been resolved since the last Mirage release.

  • When you assign a layer that includes a Microsoft Office 2013 product to a machine that already has a Microsoft Office 2013 SP1 product installed, Microsoft Office might not work.
  • When you activate the "Optimize for LAN environments" option for policy configuration, block-level optimization for large files is disabled.
  • Application layers that you did not select as part of a layer assignment are assigned in the Web Management console.
  • When Microsoft Office was not part of an assigned application layer, a warning validation for Microsoft Office layer assignment appears.
  • The notification for the download failure alarm closes while the base layer download is still processing.
  • When you delete an event in Mirage, an audit event is not created.
  • In some cases, when you cancel a "Delete CVD" task, the task is not canceled.
  • In rare cases, Mirage app layer upgrades might fail because there is inconsistency in the capitalization in the application properties.
  • The "Delete" button is disabled for archived CVDs in the Mirage Web Management console.
  • In rare cases, when you log in to the Mirage Management console, the console freezes on the Mirage configuration page.
  • When you run the Get-MirageCvd cmdlet in Mirage PowerCLI, archived CVDs are included in the returned list.
  • If you capture a base layer immediately after you install a Microsoft Office application, the license page in the wizard for the base layer capture does not appear.
  • When you close a docked item in the Mirage Web Management console, the confirmation dialog box does not appear.
  • When you filter CVDs by specific "Image Version" parameters in the CVD Inventory view of the Mirage Web Management console, results outside of the filter parameters appear.
  • In rare cases, when you are completing a layer update operation, Mirage might remove drivers for disabled network adapters.
  • If you have multiple machines in your Mirage environment that have the same BIOS and UUID, Mirage identifies the machines as a single device.

Known Issues in Mirage 5.3

The following known issues affect the Mirage 5.3 release.

  • If you apply a Windows 8.1 base layer that has a different Windows product ID than the one in the CVD, assigning the CVD to a different hardware device might cause user-installed Windows Store applications to not work. Clicking Repair when you try to launch the Windows Store applications might not repair them.

  • Workaround: Reinstall any user-installed Windows Store applications that do not work.
  • When performing an in-place Windows 8 migration, McAfee AntiVirus software might prevent Mirage from setting the correct access rights on directories. You might not be able to create or edit files.
    Workaround: Before you start the OS migration, disable McAfee access protection. For more information, see http://kb.vmware.com/kb/2052489
  • When you update a base layer or app layer, the power settings might be re-configured to the power settings of the reference machine.
    Workaround: Add the HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Power\User\PowerSchemes\ActivePowerScheme exclusion to the base image rules.
  • After performing an OS migration, if you try to revert to the previous OS image, the migration might fail due to lack of available disk space. Mirage does not consume local disk space for local files that are identical to the files in the reverted CVD image and in the same path.
    Workaround: Verify that the available disk space is greater than the size of the previous OS image. You can run the disk-cleanup utility and delete Windows installations to increase space.
  • When you perform an OS Migration from Windows 7 with Sophos SafeGuard 5.6 in the base layer to Windows 8.1 with Sophos SafeGuard 6.1 in the base layer, the migration might fail.
    Workaround: Before starting the OS migration, remove Sophos SafeGuard 5.6 from the Windows 7 base layer. After you migrate to Windows 8.1, install Sophos SafeGuard 6.1 on the Windows 8.1 machine.
  • Mirage does not detect the compatibility of a processer with the Hybrid Sleep capability of Windows 7 and Windows 8.1. After performing an OS migration from Windows 7 to Windows 8.1, the Hybrid Sleep function might not work.
    Workaround: Before you capture base layers for OS migration, disable Hybrid Sleep on the reference machine.
  • When you try to install an OS using a Mirage boot USB that has been configured for Windows 8.1 U1, the installation might fail.
    Workaround: When you configure the Mirage boot USB for Windows 8.1, do not use Update 1.
  • In rare cases, McAfee's Access Protection mechanism might block Mirage operations, such as downloading base layers, OS migration, provisioning, and so on.
    Workaround: Exclude the Mirage service from security products.
  • When you have an endpoint that has Symantec Endpoint Protection (SEP) version 12.1.671.4971 installed that you are migrating from Windows XP to Windows 7, the migration might fail.
    Workaround: Before starting the migration procedure, either uninstall SEP or upgrade to a newer version of SEP.
  • If you perform a base layer or app layer update that removes a Web-browser application that an end user has specified as their default Web browser, the end user might receive an error message when opening Websites or HTML files.
    Workaround: Advise the end user to re-install the Web browser or select another default Web browser.
  • When you perform a layer procedure that results in multiple versions of Microsoft Visio on a single machine, the Microsoft Office configuration window might display on an end user's machine when they open Microsoft Visio.
    Workaround: This is a known issue with Microsoft Office. See http://support.microsoft.com/kb/298947 and http://support.microsoft.com/kb/314392.
  • When you perform a layer procedure that includes Microsoft Office, if you open a Microsoft Office application before the "completing system updates" phase is finished, the Microsoft Office configuration window might appear.
    Workaround: Wait for all layer assignment procedures to finish before you run any Microsoft Office applications.
  • In rare cases, when you deliver a base layer that includes a Windows Live account, some sysprep operations might fail.
    Workaround: Do not capture a base layer that includes a Windows Live account. If you deliver a base layer that includes a Windows Live account and the user experiences issues, recapture the base layer without a Windows Live account.
  • When you perform a base layer procedure, the static IP address configured on the endpoint is not preserved.
    Workaround: Contact the VMware support team to obtain a post-layer script that preserves the static IP.
  • When two or more Microsoft Office applications are installed on a machine, and at least one is part of a layer, the interoperability of the remaining Microsoft Office applications might not work.
    Workaround: There is no workaround for this issue.
  • When you deploy a layer that includes Microsoft Office products to a machine that already has Microsoft products installed, and the architectures are different, you cannot manually install Microsoft Office products on the machine.
    Workaround: There is no workaround for this issue.
  • When you deploy a layer that includes a Microsoft Office product, and you update the Microsoft Office product, if you remove the layer that includes the Microsoft Office product, you might not be able to manually install Microsoft Office products.
    Workaround: See http://support.microsoft.com/kb/290301
  • When you migrate a CVD that has Microsoft Office 2013 installed, the Microsoft Office license activation does not migrate and Microsoft Office is in an unlicensed state.
    Workaround: Manually activate the Microsoft Office license from any application.
  • When you deliver a program in an app layer, a taskbar shortcut or desktop shortcut is automatically created. When you remove the program from the layer, Mirage does not delete the shortcut.
    Workaround: There is no workaround for this issue.
  • When you perform an OS migration procedure on a machine that contains ActivID software, the Mirage screen might disappear.
    This is a display issue. The migration procedure completes successfully.
  • When Mirage repartitions a device as part of a bare metal provisioning procedure, the boot configuration data does not retain the specified locale, and the boot menu language is set to English-U.S.
    Workaround: There is no workaround for this issue.
  • When you perform a provisioning procedure using a WinPE image, the Multiple file errors during scan warning message appears.
    You can ignore this warning.
  • When the Mirage client upgrade fails after a bare metal provisioning procedure, an event log is not sent to the server.
    Workaround: There is no workaround for this issue.
  • When you try to delete a layer, you receive a warning that the layer is assigned to at least one CVD. The CVDs that have that layer assigned do not appear in the Layer Assignments view.
    Workaround: Search for the CVD in the Archived CVDs view.
  • VSS might fail with a timeout error.
    Workaround: Install the hotfix for Windows 7 SP1 and later, see http://support.microsoft.com/kb/3000853.
  • When you run the BuildMirageWinPE command on the following operating system versions, the procedure fails.
    • Traditional Chinese Win7 x64
    • Simplified Chinese Win8.1 x86
    • German Win8.1 x64
    • French Win8.1 x64
    Workaround: Do not use these operating systems to run the BuildMirageWinPE command.
  • In rare cases, after you perform a restore operation on a POSReady 2009 machine, the POSReady2009 client enters a reboot loop because of the recurring LSA Shell failure.
    Workaround: There is no workaround for this issue.
  • When you apply a download-only image assignment to a device while it is still downloading the assignment, the first download-only assignment appears as running although it is canceled.
    Workaround: There is no workaround for this issue.
  • When you perform an OS migration procedure on machines that are encrypted using Sophos Safeguard 5.60.1, the operation might fail.
    Workaround: Contact the VMware support team for assistance.
  • When you perform a bare metal provisioning procedure on machines that have multiple boot operating systems, the operating system of the provisioned device is set as the default operating system.
    Workaround: Add the secondary operating system in the boot manager.
  • When you configure the Mirage Gateway server with a cluster of Mirage servers and DNS round-robin, the Mirage Gateway server might have the status "Up" in the Mirage Management console, but endpoints cannot connect to the Mirage Gateway server.
    Workaround: Contact the VMware support team for assistance.
  • When you perform a bare metal provisioning operation on a machine that is encrypted using BitLocker encryption, and use the default upload policy, the provisioning operation might fail.
    Workaround: Create a new CVD policy for the provisioned machine and select the "Protect selected volumes" option. When you start the provisioning operation, select the newly created CVD policy.