@jkatz
So everyone is cleared since I just experience the same issue not allowing me to create a new vm using the template.
Before you use the Windows 11 Template and you have it with SYSPREP ready. You need to go down to advanced and make sure you delete the VTPM
[image: 1769552292859-5d61aad5-013e-4cff-af7c-adbb4c4ca809-image.png]
then create the Template.
Once you create the vm again you will not receive the error and a vtpm will be created for the new VM with no issue.
Hope this helps.
@florent With CR running and NBD enabled for 2, I see both exports and one import (per disk). It's never the import that's stuck and only one (not both) of the exports (if it happens).
I have updated XCP 8.3 to the new January 2026 patch and XO to current master and will keep an eye on it again.
@florent, I had to do the same for Xen Orchestra Community Edition. In my case, config.toml already contained the [authentication] section, so adding a separate config.tokenValidity.toml file did not work.
Instead, I had to modify the existing config.toml located at /opt/xo/xo-server.
In my opinion, it is best to keep defaultTokenValidity set to 30 days as a fallback in case no value is specified. You can then simply increase maxTokenValidity to the duration you prefer.
[authentication]
defaultTokenValidity = '30 days'
# default value of 0.5 years
# comment out and increase to 5 years
#maxTokenValidity = ' 0.5 year'
maxTokenValidity = '5 year'
@mpiton thanks for sharing docs, the crucial part was openssl rand -hex 32
my password was too simple and that's why i got :"Query authentication does not match server setting" error
after setting 32 characters password i got my metrics, in both http://localhost:9004/metrics and http://<xo-ip>/openmetrics/metrics
Okay so it's indeed a certificate issue on your side. Double check your certs. Sometimes, you need to have a cert file with the intermediate authority.
@jmccoy555 I updated both the XO deployments to current code just now. Both were the same BTW before.
one still asks for the SR on every migration. One does not.
[info] Updating xen-orchestra from '4bed8eb86' to '175be4482'
I would REALLY like to figure this out. Annoying.
Thanks
Tim
@olivierlambert Ok cool, iSCSI is on its own Network on a Direct connection with Multipathing. In the past i have had problems with VMs going in Read Only Mode.
Thanks for your reply.
That's the issue. Why they don't have it is the problem/mystery.
Try to check if new replicated VMs got it. If not, I would check if you are correctly up to date.
@joearnon The browser javascript logs may give you useful information about what issue happened during the import as seen from XO's side.
However the disappearing SR issue makes me think you should look at XCP-ng logs, in particular /var/log/SMLog for storage-related logs and /var/log/daemon.log.
@jsawyer77 Did you follow the documentation when building XO? If not, then what process did you use?
Also, check to see if libvhdi-utils is installed and which version.
@olivierlambert You inadvertently solved this one, too, n parallel with @tony .
So, basically, as suspected, a template is nothing more than populating stuff that's in the basic and advanced webforms on Orchestra, anyway.
@julien-f said in Warnings showing in system logs following each backup job:
We'll see how many reports we get regarding this
One more from me. But it was actually your tech support that discovered them in conjunction with a ticket we have open.
@olivierlambert said in Backup failure: HTTP request has been canceled:
It's a problem when XO tries to get address from your srv02.xxx.com.
It just makes no sense that DNS would be an issue on this network. I guess if XO momentarilly looses connection during DNS lookup it could cause this problem. I've noticed sometimes that the webui of XOA sometimes can show red ? if I start live several live migrations. Maybe unrelated?
