You are not logged in.
- Topics: Active | Unanswered
#1 2024-06-14 15:23:04
- jimpudar
- Member
- Registered: 2019-04-01
- Posts: 1
Windows 11 VM with virt-manager on Intune
My employer uses Microsoft Intune to manage their Windows machines. They've thankfully been fine with me using Arch as my main OS, but I need a VM with my IT's Windows license for a specific task.
I was able to get a Windows 11 VM installed with virt-manager, and was also able to get the TPM 2.0 and Secure Boot working properly thanks to the awesome Arch Wiki.
Once that was installed, my IT department had me run the Get-WindowsAutopilotInfo PowerShell script inside the VM to find some kind of hardware identifier that they can use to register my VM with their Intune.
There's some kind of hardware issue with my particular IT-issued Thinkpad that has led to kernel panics in the middle of pacman operations which sometimes basically bricks the system. I'm sure if I spent the hours debugging, I'd be able to nail down the issue, but I don't have the time for this at the moment.
Instead of actually fixing the problem (which yes, I know is the correct answer here) I've just been keeping my /home directory on a separate partition and completely reinstalling Arch on my / and /boot partitions whenever this happens. (I scripted my particular install, I can go from bricked to completely up and running in about 30 minutes. It doesn't happen that often.)
I was able to tell virt-manager to keep the actual VM image in my ~/.local/share directory, so I won't lose that if this happens again. However, I've determined that virt-manager is also keeping files in /etc/libvirt and /var/lib/libvirt, including the XML definition of the VM itself and the *SECURE_VARS.fd file required for secure boot.
I really, really don't want to have to go through this song and dance with my IT department again, so I don't want the VM hardware to change in a way that would break the Intune enrollment.
For now, I've been using rsync -a to back up both /etc/libvirt and /var/lib/libvirt to my /home directory in the hopes that I can just copy them back over after a fresh reinstall, but this doesn't seem completely ideal.
This long winded introduction brings me to my questions:
Are there any other libvirt related files I'm missing here?
Anybody see a reason the VM might change in a way that breaks Intune if I do have to wipe my machine again?
Any other ideas that sound better than my rsync backup?
(Yes, I will eventually figure out why my kernel panics happen 
)
Thanks!
Offline