Solved

How to allow a virtual test lab using VMware ESX 3.5 and Windows Server 2003 to mingle with physical network?

Posted on 2009-07-14
4
374 Views
Last Modified: 2012-05-07
Using VMware ESX 3.5 and Converter 4, we have virtualized clones of four of our production servers to use for a performance test outside of production hours. All servers have Windows Server 2003 and are members of a domain: one is a domain controller, one is our ERP database server using SQL Server 2005, and the other two run middle tier services for the ERP. No SYSPREP or other SID modifier was run. All four systems work well when connected to an isolated virtual switch, and the ERP client runs.

We need to move the ERP systems over to a virtual switch that is connected to our production environment (shutting down the physical servers that were cloned) to allow for a wider-scale performance test of the ERP. One of the servers comes up fine, but the other two (including the SQL box) will not log in to the production network. If we authenticate them on the virtual network then point their NICs to the virtual switch connected to the production network, we can ping them from clients, and ping clients from them, but they still generate authentication errors on our production DCs, and the ERP doesn't work.

We are considering using Reset Account on the computer accounts in Active Directory for these three systems then rejoin them to the production network. We anticipate that our actual production systems might then experience the same problems, and we'd have to reset the accounts again. We need 2-3 rounds of performance testing, so the accounts would get reset quite a bit.

Is anyone aware of problems all this computer account resetting will cause?
Have any other suggestions as to how we can get the virtual clones (same computer name, IP, SID) to work on the production network?

Thank you
0
Comment
Question by:bfg01
4 Comments
 
LVL 42

Accepted Solution

by:
paulsolov earned 225 total points
ID: 24853696
I have seen this before and you'll most like have to rese the computer account.  If you'll be connecting your production machiens on the same vswitch as your testbed VMs there may other niggling issues and are a pain to resolve sometimes.

I would use something like Symantec Backup Exec System Recovery and image the ERP system (if possible) and restore on a test physical box which would then be connected to the test vswitch.

I would recommend to keep production and testbed separated.
0
 
LVL 19

Assisted Solution

by:vmwarun - Arun
vmwarun - Arun earned 50 total points
ID: 24854166
I concur with paulsolov.

Its always a safe option to segregate your testing environment from Production.

The best approach would be to simulate everything using a vSwitch with no pNIC (Physical NIC) attached to it.

This would give you the best test bed which is akin to your Production Environment.
0
 
LVL 6

Assisted Solution

by:davismisbehavis
davismisbehavis earned 225 total points
ID: 24854617
rejoin these Virtual machines to the production domain controller.  Depending on how long you've been running these machines in the isolated domain,  you can find that GUIDs for computers in AD actually change every 30 days.  It's either that or you have joined them to the domain in the isolated network and they have been assigned a new GUID within Active Directory that does not match the GUID in your production AD.  Rejoin the machines to the domain when on the production network and this should resolve your issues.
0
 

Author Comment

by:bfg01
ID: 24919532
Unfortunately we do need to mix the virtual test and physical environments, there is just no way to simulate 80-200 clients in our virtual environment at this point in time.

We have been able to successfully reset the AD account for the three computers, joining the virtuals to the production network, then reset and rejoin the production servers, all without a problem.

Thank you all for the input.
0

Featured Post

Highfive + Dolby Voice = No More Audio Complaints!

Poor audio quality is one of the top reasons people don’t use video conferencing. Get the crispest, clearest audio powered by Dolby Voice in every meeting. Highfive and Dolby Voice deliver the best video conferencing and audio experience for every meeting and every room.

Join & Write a Comment

Suggested Solutions

Title # Comments Views Activity
CHAP for iscsi 4 33
ADFS 3.0 and UPN Problem 6 15
Move VMWare Esxi 5.5 from RAID array to USB 11 46
ACTIVE DIRECTORY 12 0
HOW TO: Connect to the VMware vSphere Hypervisor 6.5 (ESXi 6.5) using the vSphere (HTML5 Web) Host Client 6.5, and perform a simple configuration task of adding a new VMFS 6 datastore.
In this step by step tutorial with screenshots, we will show you HOW TO: Enable SSH Remote Access on a VMware vSphere Hypervisor 6.5 (ESXi 6.5). This is important if you need to enable SSH remote access for additional troubleshooting of the ESXi hos…
Teach the user how to rename, unmount, delete and upgrade VMFS datastores. Open vSphere Web Client: Rename VMFS and NFS datastores: Upgrade VMFS-3 volume to VMFS-5: Unmount VMFS datastore: Delete a VMFS datastore:
Advanced tutorial on how to run the esxtop command to capture a batch file in csv format in order to export the file and use it for performance analysis. He demonstrates how to download the file using a vSphere web client (or vSphere client) and exp…

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now