Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 369
  • Last Modified:

Hyper-V server hosting VMs

The VMs on these hosts lose connection to the domain. The only way to get them back is to take them off the domain, put them back on and then Im able to log onto it with my domain account.  

Question here is:  why/how does it lose the connection to the domain.  These VMs were on the domain one day, the next day they lost connection.  They were good for about 30 days.

Please help!
0
Cyber IT
Asked:
Cyber IT
1 Solution
 
santhoshuCommented:
Is the Domain a VM too?
0
 
Cyber ITEngineerAuthor Commented:
there are three domain controllers.  i believe ONE of them is a VM.
0
 
Cyber ITEngineerAuthor Commented:
actually, (2) of them are VMs.

dc1 - physical
dc2 - virtual (in a different building)
dc3 - virtual on an ESX Cluster
0
Get your Conversational Ransomware Defense e‑book

This e-book gives you an insight into the ransomware threat and reviews the fundamentals of top-notch ransomware preparedness and recovery. To help you protect yourself and your organization. The initial infection may be inevitable, so the best protection is to be fully prepared.

 
Steve BinkCommented:
Are you losing network connectivity, or just authentication to the domain?  Can you still ping the DCs when this happens?
0
 
Cyber ITEngineerAuthor Commented:
I can still PING and RDP to the VMs. I just cant log onto the VMs under my domain account. I can log on as the local admin, thank goodness.
0
 
Steve BinkCommented:
When logged in as the local admin, can you ping the DCs from the VM?  What happens when you attempt to log in as a domain account?
0
 
Cyber ITEngineerAuthor Commented:
You cant log on with a domain account. It doesnt see the domain.
0
 
Steve BinkCommented:
During these incidents, can you ping the DCs from the VM when logged in as a local admin?
0
 
maxxmyerCommented:
If it helps you, I chased a similar issue last year. It was the time set on one of the DC. The DC in error was not sync’ing it’s time with the rest of the Domain.
0
 
Cyber ITEngineerAuthor Commented:
I believe the following is the issue:

The reason for this is that there is a computer account password mismatch. The VM thinks that its machine account password is something X, while the domain controller believes it to be something Y. Because of this, the VM cannot authenticate itself to the domain controller(s).

Just like user account passwords, computer account password is a "secret" that is set up by the computer account, and that is used when a domain member computer authenticates itself to the domain controller and establishes a secure channel.

When the computer is started, a service called NetLogon uses the machine account password and tries to establish a secure session with the domain controller. The usual CTRL+ALT+DEL Winlogon process also relies on this authenticated secure channel to send user credentials to the domain controller for verification and log them into the computer. Other services running on this machine that work with the LocalSystem or NetworkService credentials also require this authenticated secure channel to get access to domain resources.
0
 
Cyber ITEngineerAuthor Commented:
They way I fixed it was I took them off the domain and put them back on to fix the authentication between the machine and the domain.
0
 
Cyber ITEngineerAuthor Commented:
I also found out that there were snapshots being reverted back.
0
 
Darius GhassemCommented:
This question has been classified as abandoned and is being closed as part of the Cleanup Program. See my comment at the end of the question for more details.
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now