I have an automated process that's supposed to build out an image and have that image deployed with a user that is set up to run a service. The user needs access to an Azure network file share. In order to provide the credentials to access the file share, I save the credentials to Windows Credential Manager via the command below and have it run as my service account.

cmdkey /add:storage.file.core.windows.net /user:Azure\storage /pass:password

Then I add the network map via

net use Z: \\storage.file.core.windows.net\share /persistent:yes

The network is mapped and I am able to access the UNC path above. I then prepare the VM for image capture by running sysprep and generalizing it.

C:\Windows\Sysprep\Sysprep.exe /oobe /generalize /quiet /quit /mode:vm

When I spin up the image again, I am able to log into my service account, but the cmdkey I added has disappeared. I can write a scheduled task to re-add the cmdkey, but was wondering if it really is Sysprep that wipes out my Windows Credentials and if there's a way to avoid it.

Mike

1 Answer

I was using this method so I can create an image that already has a mounted network drive. What I found out was that my automated process (Packer), even if it was running under the same account, does not share the script session's credential and the user session credential.

Mounting a network share via a script (regardless if it is running on the same account) and expecting the share to be mounted in user sessions/applications will not work. The credential is not shared between the two.

What I did was have my script create a batch file that mounts the network share as soon as my service runs. I know my service will be running in the authenticated session, so I can just call my batch file and mount the network share from my service, and my service should be able to access the network share.

It's interesting to note that if my service is authenticated as my account and it mounts the network share, I would be able to RDP and access the network share without providing credentials, which indicates that the application session is shared with a user interactive session.

Mike
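One way to write the mount step the answer describes, as an added example that is not part of the original post: a PowerShell script the service calls at start-up, so that `cmdkey` and `net use` run in the service's own logon session and the storage key is not baked into the captured image. The `AZ_SHARE_KEY` environment variable and the `Mount-ServiceShare` function name are assumptions; the host, user and share names are the question's placeholders.

```powershell
# Added example, not the poster's script. Call it from the service at start-up so it
# runs in the same logon session that will use the share.
# Assumption: the storage key arrives at runtime in AZ_SHARE_KEY (hypothetical name)
# instead of being written into the image before sysprep.
$Target = 'storage.file.core.windows.net'   # placeholder host from the question
$User   = 'Azure\storage'                   # placeholder user from the question
$Unc    = "\\$Target\share"
$Drive  = 'Z:'

function Mount-ServiceShare {
    # Already mapped and reachable in this session: nothing to do.
    if (Test-Path -LiteralPath "$Drive\") { return $true }

    $key = $env:AZ_SHARE_KEY
    if ([string]::IsNullOrEmpty($key)) {
        throw 'AZ_SHARE_KEY is not set; refusing to mount without a runtime-supplied key.'
    }

    # Store the credential in this account's Credential Manager.
    # Note: /pass on the command line is visible to process-creation auditing
    # if command-line logging is enabled on the host.
    cmdkey.exe "/add:$Target" "/user:$User" "/pass:$key" | Out-Null
    if ($LASTEXITCODE -ne 0) { throw "cmdkey failed with exit code $LASTEXITCODE" }

    # Drop a stale or disconnected mapping (errors ignored), then map the drive.
    net.exe use $Drive /delete /y 2>&1 | Out-Null
    net.exe use $Drive $Unc /persistent:yes 2>&1 | Out-Null
    if ($LASTEXITCODE -ne 0) { throw "net use failed with exit code $LASTEXITCODE" }

    # Do not leave the key in this process's environment once it is stored.
    Remove-Item Env:AZ_SHARE_KEY -ErrorAction SilentlyContinue

    return (Test-Path -LiteralPath "$Drive\")
}

if (-not (Mount-ServiceShare)) {
    throw "Share $Unc is not reachable on $Drive"
}
```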