Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

DETAILED ACTION
Claims 21-40 are currently pending and have been examined.

Information Disclosure Statement
The information disclosure statement (IDS) submitted on 12/22/2020 has been considered. The submission is in compliance with the provisions of 37 CFR 1.97. Form PTO-1449 is signed and attached hereto.

Double Patenting
The nonstatutory double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory double patenting rejection is appropriate where the conflicting claims are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on nonstatutory double patenting provided the reference application or patent either is shown to be commonly owned with the examined application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. See MPEP § 717.02 for applications subject to examination under the first inventor to file provisions of the AIA  as explained in MPEP § 2159.  See MPEP §§ 706.02(l)(1) - 706.02(l)(3) for applications not subject to examination under the first inventor to file provisions of the AIA . A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b). 
The USPTO Internet website contains terminal disclaimer forms which may be used. Please visit www.uspto.gov/patent/patents-forms. The filing date of the application in which the form is filed determines what form (e.g., PTO/SB/25, PTO/SB/26, PTO/AIA /25, or PTO/AIA /26) should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about eTerminal Disclaimers, refer to www.uspto.gov/patents/process/file/efs/guidance/eTD-info-I.jsp.

Claims 21, 24, 27, 33 are rejected on the ground of nonstatutory double patenting as being unpatentable over claims 1, 5 and 13 of U.S. Patent No. 10,509,663   in view of Rindhal el al (U.S. Pub. No. 20120179820). 
The differences between the claims are bolded in the table below:
INSTANT APPLICATION (Current)
U.S. Patent No. 10,509,663 B1
21. A computer-implemented method, comprising:
creating a virtual network associated with a domain based at least in part on a fully qualified domain name, a range of network addresses, and a selected region to host a directory domain controller, the domain including a managed directory, where access to the  managed directory is provided by the directory domain controller;
receiving a first application programming interface request to instantiate, by a virtual machine instance service, a virtual machine instance;
at an interval of time after the virtual machine instance has been instantiated, receiving a second application programming interface request to assign 
enabling a managed directory service for the virtual machine instance by at least modifying, by an agent executed by the virtual machine, settings of an operating system of the virtual machine instance in accordance to configuration information provided to the agent, the configuration information including at least … credentials for an account associated with the domain that has sufficient permissions to join the virtual machine instance to the managed directory; and






causing the directory domain controller to join the virtual machine 

24.    The computer-implemented method of claim 22, wherein the computer-implemented method further comprises generating a temporary credential to verify, by the directory domain controller, that the virtual machine instance is authorized to join the virtual machine instance to the managed directory.











receiving, at a computing resource service provider separate from a requesting device, a request from a user associated with the requesting device to launch a virtual machine instance to be joined to a directory, the directory including a directory domain controller; 
processing, by the computing ; 
storing, by the computing resource service provider, the configuration information; 
obtaining, at the computing resource service provider, a temporary set of credentials generated by launching the virtual machine instance; 
authenticating, by the directory domain controller, that the user is authorized to join the directory based on the temporary set of credentials; 

transmitting, by the computing resource service provider, a command to the directory domain controller to create a computer account corresponding to the directory; and 

causing, by the directory domain controller, the virtual machine instance to 


Claim 5 is system variation of claim 1.
Claim 25 is a non-transitory computer-readable storage medium variation of claim 1.
Claim 13 is a non-transitory computer-readable storage medium variation of claim 1.


Although the claims at issue are not identical, they are not patentably distinct from each other because both the instant claims and the patent claims are directed to causing a virtual machine instance to join a managed directory and have similar claim limitations. A difference between the instant claims and the patent claims is that the .

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.

Claims 21-40 are rejected under 35 U.S.C. 103 as being unpatentable over Ringdahl et al. (U.S. Pub. No. 20120179820 A1) in view of Seliger et al. (U.S. Pub. No. 20070300220 A1), and further in view of Kumar et al. (U.S. Pub. No. 20080140618 A1).
Ringdahl, Seliger and Kumar were cited in a previous Office Action.

As per claim 21, Ringdahl teaches the invention substantially as claimed including a computer-implemented method, comprising: 
creating a virtual network associated with a domain based at least in part on a fully qualified domain name, a range of network addresses, and a selected region to host a directory domain controller, the domain including a managed directory, where access to the managed directory is provided by the directory domain controller (Figs. 3-4, describe virtual network associated with Active directory, domain controller, domain name service DNS [configured map domain names  to IP addresses], virtual desktop hosts; par. 0063 for example, the desktop obtains a network address from the domain server for the enterprise for which the desktop is allocated. This domain server is accessible because the desktop is allocated on a machine that is placed on the virtual local area network allocated to the enterprise);
receiving, at an interface of a virtual machine instance service, a first application programming interface request to instantiate a virtual machine instance (par. 0023-0024, virtual desktops [virtual machines] cam be made available on demand to users by a service provider; par. 0057 The tenant manager systems 702 and 702 use the resource manager to manage the inventory of available host machines, desktops and storage, and allocate these resources 718 for desktops 720 in response to requests for desktop resources from users; par. 0058 Given the APIs to access the hypervisors and storage in the cloud as well as at the service provider, resources for desktops can be allocated and the desktops created using the tenant management systems and resource manager);
at an interval of time after the virtual machine instance has been instantiated, receiving a second application programming interface request to assign the virtual machine instance to the virtual network associated with the domain (par. 0063 As a particular example of post-cloning customization, when a desktop [virtual desktop or VM] is activated, a domain join process is performed. This process involves having the desktop join a network domain. For example, the desktop obtains a network address from the domain server for the enterprise for which the desktop is allocated. This domain server is accessible because the desktop is allocated [assigned] on a machine that is placed on the virtual local area network allocated to the enterprise). 
Ringdahl des not expressly teach: enabling a managed directory service for the virtual machine instance by at least modifying, by an agent executed by the virtual machine, settings of an operating system of the virtual machine instance in accordance to configuration information provided to the agent, the configuration information including at least the fully qualified domain name and credentials for an account associated with the domain that has sufficient permissions to join the virtual machine instance to the managed directory: and causing the directory domain controller to join the virtual machine instance to the managed directory based at least in part on the fully qualified domain name and credential information associated with the domain settings of the operating system modified by the agent.
However, Seliger teaches:
enabling a managed directory service for the virtual machine instance by at least modifying, by an agent executed by the virtual machine, settings of an operating system of the virtual machine instance in accordance to configuration information provided to the agent, the configuration information including at least … credentials for an account associated with the domain that has sufficient permissions to join the virtual machine instance to the managed directory (par. 0121 … The player 800 reads (in process 1006) the project information from the distribution medium 704 and from the token 302 and sends this information to the provisioning program 812. This information includes the computer naming pattern, time zone, screen resolution and color depth and key for decrypting the virtual machine image …The provisioning program 812 uses this information to create (in process 1008) a SYSPREP.INF file. For example, the provisioning program 812 generates a name string for the virtual machine 808 according to the naming pattern specified … The provisioning program 812 sets a parameter in the SYSPREP.INF file … The provisioning program then reseals (in process 1010) the operating system; par. 0122 The provisioning program then restarts (in process 1012) the virtual machine 808, and the operating system starts (in process 1014) the mini setup procedure; par. 0123 Once the mini setup procedure completes, the GINA 811 prompts (in process 1016) the user for credentials, such as a username and a password. Optionally, if needed to establish a VPN connection [implicitly uses network address] between the virtual machine 808 and the user's enterprise network [equiv. to domain], the GINA 811 prompts for additional credentials, such as a second username, a second password and a pseudo-random passcode. Para. 0124 The GINA 811 uses the user-entered credentials to establish (in process 1018) a VPN connection 814 to the user's enterprise network 816. 
 causing the directory domain controller to join the virtual machine instance to the managed directory based at least in part on the fully qualified domain name and credential information associated with the domain settings of the operating system modified by the agent (par. 0125, Consequently, the GINA 811 communicates with the player 800 to obtain … the credentials of an account that can be used to join the virtual machine 808 to a domain on the enterprise network ... The virtual machine 808 then executes a program that joins the virtual machine 808 to a domain, using the credentials stored on the computer distribution medium 704 and passed to the program by the player 800 via the connection 813).
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify teaching of Ringdahl to include methods to join a virtual machine as set forth by Seliger, because it would provide for newly instantiated and existing virtual machines to join an existing domain using the specified credentials, network address, thereby gaining access to content of the domain.
Ringdahl and Seliger does not expressly disclose:  a fully qualified domain name. 
However, Kumar discloses using a fully qualified domain name (par. 0007 fully qualified domain name or IP address of the server containing the naming context). 
It would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to modify the teaching of Ringdahl, Seliger and Seliger to incorporate a fully qualified domain name for the managed directory and 

As per claim 22, Seliger teaches evaluating one or more policies to generate a determination that the virtual machine instance is authorized to access the managed directory (par. 0096 operating system typically includes a graphical identification and authentication (GINA) or other similar component to implement an authentication policy of an interactive logon model; par. 00125 GINA 811 communicates with the player 800 to obtain (in process 1020) the credentials of an account that can be used to join the virtual machine 808 to a domain on the enterprise network. (Typically, the end-user does not have sufficient privileges to join a computer to the domain.) As noted, these credentials are stored on the computer medium 704. The virtual machine 808 then executes a program that joins the virtual machine 808 to a domain, using the credentials stored on the computer distribution medium 704).

As per claim 23, Seliger teaches wherein the credential information further comprises default credential information generated in response to a request to create the domain that does not include the credential information (par. 0125 … GINA 811 recognizes this as the first time the user has logged on. Consequently, the GINA 811 communicates with the player 800 to obtain … the credentials of an account that can be used to join the virtual machine 808 to a domain on the enterprise network).

As per claim 24, Seliger teaches wherein the computer-implemented method further comprises generating a temporary credential to verify, by the directory domain controller, that the virtual machine instance is authorized to join the virtual machine instance to the managed directory (par. 0125 … GINA 811 recognizes this as the first time the user has logged on. Consequently, the GINA 811 communicates with the player 800 to obtain (in process 1020) the credentials of an account that can be used to join the virtual machine 808 to a domain on the enterprise network. (Typically, the end-user does not have sufficient privileges to join a computer to the domain.) As noted, these credentials are stored on the computer medium 704. The virtual machine 808 then executes a program that joins the virtual machine 808 to a domain, using the credentials)

As per claim 25, Seliger teaches wherein the computer-implemented method further comprises, as a result of the determination indicating that the virtual machine instance is not authorized to access the managed directory, disabling functionality of the virtual machine instance to prevent the virtual machine instance from accessing the managed directory (par. 0125 … If the VPN connection is refused due to invalid user credentials, the GINA 811 re-prompts the user and retries to establish the VPN connection using subsequently-entered end-user credentials).

As per claim 26, Ringdahl teaches wherein creating the virtual network associated with the domain is further created based at least in part on one or more domain name system Internet Protocol addresses for the managed directory, the one or a network address from the domain server for the enterprise for which the desktop is allocated. This domain server is accessible because the desktop is allocated on a machine that is placed on the virtual local area network allocated to the enterprise).

As per claim 27, Ringdahl teaches the inventions substantially as claimed including a system, comprising: 
one or more processors; and memory storing instructions (Fig. 1-3, Disclose system including service provider including resources, which inherently include processor and storage; par. 0027),   that, as a result of being executed by the one or more processors, cause the system to:
cause a networking service to create a domain within a virtual network, the domain including at least a … a set of network addresses (Figs. 3-4, describe virtual network associated with Active directory, domain controller, domain name server DNS [configured map domain names to IP addresses], virtual desktop hosts; par. 0063 for example, the desktop obtains a network address from the domain server for the enterprise for which the desktop is allocated. This domain server is accessible because the desktop is allocated on a machine that is placed on the virtual local area network allocated to the enterprise);
cause a managed directory service to generate a managed directory and a directory domain controller, the directory domain controller instantiated with a particular region and responsible for providing access to objects within the managed directory (Figs. 3-4, service provider management, an Active Directory, domain controller);
cause a virtual machine instance service to instantiate a virtual machine instance to be assigned to the domain (par. 0063 As a particular example of post-cloning customization, when a desktop [virtual desktop or VM] is activated, a domain join process is performed. This process involves having the desktop join a network domain. For example, the desktop obtains a network address from the domain server for the enterprise for which the desktop is allocated. This domain server is accessible because the desktop is allocated [assigned] on a machine that is placed on the virtual local area network allocated to the enterprise).

Ringdahl does not expressly teach: an agent executing within an operating system of the virtual machine instance enabling access to the managed directory through the directory domain controller based at least in part on the fully qualified domain name and credentials with sufficient permissions to enable the virtual machine instance to join the managed directory; cause the directory domain controller to join the virtual machine instance to the managed directory based at least in part on the fully qualified domain name.
However, Seliger teaches: 
an agent executing within an operating system of the virtual machine instance enabling access to the managed directory through the directory domain controller based at least in part on … and credentials with sufficient permissions to enable the virtual machine instance to join the managed directory (par. 0121 …  user's enterprise network [equiv. to domain], the GINA 811 prompts for additional credentials, such as a second username, a second password and a pseudo-random passcode. Para. 0124 The GINA 811 uses the user-entered credentials to establish (in process 1018) a VPN connection 814 to the user's enterprise network 816. Here, the provisioning program and the GINA [equiv. agent(s)] enable access to the domain in the enterprise network); 
cause the directory domain controller to join the virtual machine instance to the managed directory based at least in part on the fully qualified domain name (par. 0125, Consequently, the GINA 811 communicates with the player 800 to obtain … the credentials of an account that can be used to join the virtual machine 808 to a 
It would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify teaching of Ringdahl to include methods to join a virtual machine to a domain as set forth by Seliger, because it would provide for newly instantiated and existing virtual machines to join an existing domain using the specified credentials, network address, thereby gaining access to content of the domain.
Ringdahl and Seliger does not expressly disclose:  a fully qualified domain name. 
However, Kumar discloses using a fully qualified domain name (par. 0007 fully qualified domain name or IP address of the server containing the naming context). 
It would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to modify the teaching of Ringdahl, Seliger and Seliger to incorporate a fully qualified domain name for the managed directory and one or more domain name system Internet Protocol addresses for the managed directory as set forth by Kumar, because it would have provided the advantage to accurately specify the exact location of the domain controller with predictable results.

As per claim 28, it is a system having similar limitations as claim 22. Thus, claim 27 is rejected for the same rationale as applied to claim 22.

As per claim 29, Kumar teaches receive, from the networking service, the fully qualified domain name; and provide the fully qualified domain name to the agent (par. 0007 … fully qualified domain name or IP address of the server containing the naming context).

As per claim 30, Seliger teaches cause the agent to transmit a request to join the virtual machine instance to the managed directory, the request including at least the fully qualified domain name to the agent (par.00125 … GINA 811 communicates with the player 800 to obtain (in process 1020) the credentials of an account that can be used to join the virtual machine 808 to a domain on the enterprise network … As noted, these credentials are stored on the computer medium 704. The virtual machine 808 then executes a program that joins the virtual machine 808 to a domain, using the credentials stored on the computer distribution medium 704 and passed to the program by the player 800 via the connection 813).

As per claim 31 Seliger teaches to cause the directory domain controller to establish a communications channel from the agent, through the managed directory service, to the directory domain controller of the managed directory (par. 0124, 0124] The GINA 811 uses the user-entered credentials to establish (in process 1018) a VPN connection 814 to the user's enterprise network 816).

As per claim 32 Seliger teaches wherein the instructions that cause the system to cause 

As per claim 33, Ringdahl teaches the invention substantially as claimed including a non-transitory computer-readable storage medium having stored thereon executable instructions that, as a result of being executed by one or more processors of a computer system, cause the computer system to:
fulfill a first request obtained from a first entity by at least causing a networking service to generate a virtual network and a domain, the domain including at least … a range of network addresses within the virtual network (Figs. 3-4, describe virtual network associated with Active directory, domain controller, domain name server DNS [configured map domain names  to IP addresses], virtual desktop hosts; par. 0063 for example, the desktop obtains a network address from the domain server for the enterprise for which the desktop is allocated. This domain server is accessible because the desktop is allocated on a machine that is placed on the virtual local area network allocated to the enterprise);
fulfill a second request obtained from a second entity by at least causing a managed directory service to generate a managed directory, access to the managed directory provided by a directory domain controller (Figs. 3-4, describes a service provider management implementing a virtual network including an Active directory and domain controller; par. 0063 for example, the desktop obtains a network address from the domain server for the enterprise for which the desktop is allocated. This domain server is accessible because the desktop is allocated on a machine that is placed on the virtual local area network allocated to the enterprise);
fulfill a third request by at least causing a virtual machine instance service to instantiate a virtual machine instance assigned to a network address within the range of network addresses (par. 0023-0024, virtual desktops [virtual machines] can be made available on demand to users by a service provider; par. 0057 The tenant manager systems 702 and 702 use the resource manager to manage the inventory of available host machines, desktops and storage, and allocate these resources 718 for desktops 720 in response to requests for desktop resources from users; par. 0058 Given the APIs to access the hypervisors and storage in the cloud as well as at the service provider, resources for desktops can be allocated and the desktops created using the tenant management systems and resource manager; par. 0063 for example, the desktop obtains a network address from the domain server [DNS] for the enterprise for which the desktop is allocated).

Ringdahl does not expressly teach: cause a setting of the virtual machine instance to be modified by at least modifying the setting within an operating system of 
However, Seliger teaches:
cause a setting of the virtual machine instance to be modified by at least modifying the setting within an operating system of the virtual machine instance, the setting enabling access to the managed directory based at least in part on the fully qualified domain name and a credential associated with an account of the managed directory service (par. 0121 … The player 800 reads (in process 1006) the project information from the distribution medium 704 and from the token 302 and sends this information to the provisioning program 812. This information includes the computer naming pattern, time zone, screen resolution and color depth and key for decrypting the virtual machine image …The provisioning program 812 uses this information to create (in process 1008) a SYSPREP.INF file. For example, the provisioning program 812 generates a name string for the virtual machine 808 according to the naming pattern specified … The provisioning program 812 sets a parameter in the SYSPREP.INF file … The provisioning program then reseals (in process 1010) the operating system; par. 0122 The provisioning program then restarts (in process 1012) the virtual machine 808, and the operating system starts (in process 1014) the mini setup procedure; par. 0123 Once the mini setup procedure completes, the GINA 811 prompts (in process 1016) the 
cause the directory domain controller to join the virtual machine instance to the managed directory by at least establishing a connection between the virtual machine instance and the directory domain controller based at least in part on the fully qualified domain name (par. 0125, Consequently, the GINA 811 communicates with the player 800 to obtain … the credentials of an account that can be used to join the virtual machine 808 to a domain on the enterprise network ... The virtual machine 808 then executes a program that joins the virtual machine 808 to a domain, using the credentials stored on the computer distribution medium 704 and passed to the program by the player 800 via the connection 813).
It would have been obvious to a person having ordinary skill in the art before the effective filing date of the claimed invention to modify the teaching of Ringdahl, Seliger and Seliger to incorporate a fully qualified domain name for the managed directory and one or more domain name system Internet Protocol addresses for the managed directory as set forth by Kumar, because it would have provided the advantage to accurately specify the exact location of the domain controller with predictable results.

As per claim 34, Seliger teaches provide temporary credentials to the directory domain controller; and as a result of the directory domain controller validating the temporary credentials, enable the operating system of the virtual machine instance to join the virtual machine instance to the managed directory (par. 0125, Consequently, the GINA 811 communicates with the player 800 to obtain (in process 1020) the credentials of an account that can be used to join the virtual machine 808 to a domain on the enterprise network. (Typically, the end-user does not have sufficient privileges to join a computer to the domain) … The virtual machine 808 then executes a program that joins the virtual machine 808 to a domain, using the credentials stored on the computer distribution medium 704 and passed to the program by the player 800 via the connection 813. Par. 0126, credentials can expire. That is, the credentials are temporary).

As per claim 35, Ringdahl teaches wherein the directory domain controller is instantiated within a particular region (Fig. 3, services includes Active directory AD, and DNS; par. 0043 a computer system supports hosting of desktops using resources … resources may include … domain controllers, directory services, file shares, account management resources, Active Directory, which may be instantiated in a particular region of virtual network).

As per claim 36, Ringdahl teaches wherein the range of network addresses includes a Domain Name System address (Fig. 4, Service provider management 

As per claim 37, Kumar teaches wherein the range of network addresses includes an internet protocol address for the managed directory, the internet protocol address usable to establish the connection with the directory domain controller (par. 0007 fully qualified domain name or IP address of the server containing the naming context).

As per claim 38, Ringdahl teaches: wherein the instructions further comprise instructions that, as a result of being executed by one or more processors of a computer system, cause the computer system to store, in a database, domain information associated with the fully qualified domain name and the range of network addresses within the virtual network (par. 0007 fully qualified domain name or IP address of the server containing the naming context).

As per claim 39, Ringdahl teaches wherein the instructions further comprise instructions that, as a result of being executed by one or more processors of a computer system, cause the computer system to provide the virtual machine instance with the domain information to enable the virtual machine instance to connect to the managed directory (par. 0063 for example, the desktop obtains a network address from the domain server for the enterprise for which the desktop is allocated. This domain server is accessible because the desktop is allocated on a machine that is placed on the virtual local area network allocated to the enterprise).

As per claim 40, Seliger teaches cause the computer system to enable a set of tools within the operating system for connecting to the managed directory (par. 0099 once the operating system and applications are installed on the virtual machine 306 and the technician has made other changes to make the virtual machine 306 generically suitable for a group of end-users, an image preparation tool is executed within the virtual machine 306 to de-configure portions of the operating system).


Response to Arguments
Applicant's arguments filed 12/22/2020 have been fully considered but they are not persuasive. 
(1) The applicant argues in pages 10-11 for claims 21, 27 and 33 that combination of Ringdahl, Seliger, or Kumar does not teach such subject matter as recited in claims 21, 27 and 33. Therefore, Applicant respectfully submits that claims 21, 27, and 33 are allowable under 35 U.S.C. § 103 over Ringdahl in view of Seliger and Kumar.
(2)  The applicant argues in page 11 for claims 21, 27 and 33 that 22-26, 28-32, and 34-40 that “Applicant respectfully submits that at least some of claims 22-26, 28-32, and 34-40 additionally recite patentable subject matter not taught or otherwise rendered obvious by Ringdahl, Seliger, and/or Kumar, individually or in combination.

As per point 1, the examiner respectfully submits that the combination of establish a VPN connection [implicitly uses network address to connect] between the virtual machine 808 and the user's enterprise network [equiv. to domain], the GINA 811 prompts for additional credentials, such as a second username, a second password and .

As per point 2, the examiner respectfully submits that Applicant's arguments fail to comply with 37 CFR 1.111(b) because they amount to a general allegation that the dependent claims define a patentable invention without specifically pointing out how the language of the claims patentably distinguishes them from the references.


Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. 
U.S. Pub. No. 20110185355 A1 teaches Accessing Virtual Disk Content of a Virtual Machine without Running a Virtual Desktop.
U.S. Pub. No. 20110191834 A1 teaches methods for maintaining the Domain Access of a Virtual Machine.
U.S. Pub. No. 20110251992 A1 teaches system and method for launching a resource in a network.
U.S. Pub. No. 20120017271 A1 teaches domain-authenticated control of 
U.S. Pub. No. 20130191828 A1 teaches domain controller safety-features and cloning.

THIS ACTION IS MADE FINAL.  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. 

Any inquiry concerning this communication or earlier communications from the examiner should be directed to Willy W. Huaracha whose telephone number is (571)270-5510.  The examiner can normally be reached on M-F 8:30-5:00pm. 
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Meng-Ai An can be reached on (571) 272-3756.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for 


/WH/
Examiner, Art Unit 2195

/MENG AI T AN/Supervisory Patent Examiner, Art Unit 2195