Hi everyone! Hope someone will be able to help.
Context: I’d like to replicate as much as possible of a given physical machine into a VM. My company has an imaging procedure that deploys the OS + additional apps through WinPE. At the end of the first step, there’s a join domain section. If I do that within a guest VM, at next reboot the system will be rejected when logging and the trust relationship removed. I’m pretty sure that it checks one or multiple fields that are rom-stored (in order to recognize whether the machine is part of our approved clients or not) and I’d like to change those in the guest VM’s environment for it to appear as it was my physical machine.
I tried creating a VM using vmware workstation player within the the physical one that is corporate-issued with the corporate image accepted (I can redeploy the corp image and it correctly joins the domain). I did that on a separate partition/OS so I can play and mess up with it if needed.
Using vmWare Player with the SMBIOS.reflect.Host = “TRUE” parameter in the corresponding vmx file works because in a welcome/system summary screen I see the manufacturer of the host and its product model instead of vmware’s values I had before the change.
But apparently this is not enough as I came across the same domain-trust problem at the end. I think the problem lies within the BIOS/motherboard that as they look completely different from those of the physical machine. I’d rather say the BIOS manufacturer most of all because other items are subject to change within same vendor and it would be too time-consuming to maintain an updated list of all those items: old corporate images can be used in new computers that didn’t exist when they were created and they work.
After spending a couple days, I came up with the fact that modyfying the BIOS.440.ROM is useless (it is used only when the VM is in BIOS mode, not EFI).
I previously used UEFITool on other machines for the NVMe patch and I am able to open vmware’s EFI ROMs (one is 32 one 64bit) and know how to pass them to the vm. I’ve also been able to identify the strings that have to be changed but the problem is that I don’t know how to do that beside exporting the containing blocks and re-importing them.
Tried to google around but found nothing except for SLIC stuff used to have the license associated to the physical server into a VM with windows 201x but this is a completely different scenario…
Any pointer on how should I edit the EFI.rom in order to replace those values?