VMware Horizon View Composer Failing to Install and Secure Boot

So why is VMware Horizon View Composer Failing to Install ?

Recently I have been testing moving Horizon View to Server 2016 since we will be migrating soon from 2012R2 to 2016 in production sometime this year. When I went to install Composer 7.5 (This also happened with 7.4) on a composer standalone configuration. I would run into the composer installer failing and attempting “Roll Back Action”. 

So I started digging into the event viewer and vmmsi.log which is located at (c:\users\%username%\Appdata\Local\Temp\) I started to notice 1603 setup exit code errors. After doing some digging, I found this in the log:

“CustomAction InstallVstor2Driver.5ACA97E0_7C64_4970_A763_840E81DAAF0B returned actual error code 1603 ”

So after finding this entry, I started looking at VMware Doc’s and KB articles. I found https://kb.vmware.com/s/article/2046707. I started verifying the SSLbind and ODBC Connection. Looking through the logs, I found no errors for ODBC or SSLbind settings. 

So I decided to check the event viewer one more time. I noticed a weird audit failure in security log which was Event ID “5038” and had the following description:

“Code integrity determined that the image hash of a file is not valid.  The file could be corrupt due to unauthorized modification or the invalid hash could indicate a potential disk device error.

File Name:\Device\HarddiskVolume4\Program Files (x86)\Common Files\VMware\VMware Universal File Access\vstor2-ufa.sys   ”

Right away I either knew it was one of two things: Secure boot or VBS (Virtual Based Security). After disabling Secure Boot, I was able to successfully install Composer 7.5. After a successful install, I looked at the “vstor2-ufa.sys” and dug into the digital signature which was signed by “VMware Inc” and was issued by “verisign” which is already trusted.  After rebooting, I turned Secure Boot back on and the composer service was still running. I then created a desktop pool and was able to use linked clones successfully!


The Lab Environment 

  • vCenter: vCSA 6.7
  • ESXi Host: 6.7
  • Tested Virtual Machine Version 13 and 14
  • Horizon View Connection Server:

Horizon View 7.5

Windows  Server 2016 OS build 14393.2248

  • Horizon View Security Server:       

Horizon View 7.5

Windows Server 2016 OS build 14393.2248

  •  Horizon View Composer Server

 Horizon View 7.5

Windows Server 2016 OS build 14393.2248

  •  SQL Server:

SQL Server 2016

Windows Server 2016 OS build 14393.2248


The Workaround 

1. Power Down the Virtual Machine that has the guest OS of Windows Server 2016 you’re trying to install composer on. 

Power off.jpg

2. Edit VM settings

3. VM Options

4. Boot Options

5. Uncheck Secure Boot

SB disabled.jpg

6. Press “OK” to confirm VM settings.

7. Turn VM back on

8. Install Composer

9. Let Composer reboot the guest OS

10. Once Guest OS successfully rebooted check the composer service is running.

Service.jpg

11. Shutdown the VM again

12. Re-enable Secure Boot again.

13. Turn on VM back on.

14. Verify Composer service is still running. 

15. Add Composer to Connection Server.

16. Test Linked Clones Functionally.


Thanks for reading and hopefully this helps someone else out.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s