• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 489
  • Last Modified:

VMware Snapshot Rollback Loses Domain Identity

I have a server running VMware ESXi 4.1.0 (free version).  On this server, I have 25 Virtual PCs created with various Operating Systems.  (Windows XP SP3, Vista SP2 32 & 64-Bit, and Windows 7 SP1 32 & 64-Bit).  These PCs are used for loading and testing software that our developers write.  The testers will take an initial Baseline snapshot of the PCs, load the software perform their testing, and then roll the snapshot back once they are ready to try another product out.  This way they have a clean slate for testing.

The problem I am experiencing is that when they roll the software back, the Virtual PCs somehow lose their Active Directory Domain identity.  You can no longer log them in with the AD usernames & passwords.  To solve the problem, I have to log in as a local admin, add the PC back to the WORKGROUP, reboot, then re-add it to AD.  Should the Snapshot not be retaining this information so I don't have to do this?
0
neptuneit
Asked:
neptuneit
  • 5
  • 2
1 Solution
 
Andrew Hancock (VMware vExpert / EE MVE^2)VMware and Virtualization ConsultantCommented:
This is normal for an old snapshot.

The issues is not with the snapshot, it's with Active Directory.

0
 
Andrew Hancock (VMware vExpert / EE MVE^2)VMware and Virtualization ConsultantCommented:
The issue is similar to a VMware View Desktop issues

The machine password is stored in the Virtual Machine, It changes in Windows performs every 30 days as per policy setting and stores the machine account password retrieved from Active Directory in this virtual disk.

So you have a VM running, the machine password changes, and then you ROLLBACK the VM, which has a different machine password, and Hey Presto the passwords do not match, so the trust is broken.

See here

http://www.experts-exchange.com/Software/VMWare/Q_27116503.html
http://www.experts-exchange.com/Software/VMWare/Q_27320237.html
0
 
Andrew Hancock (VMware vExpert / EE MVE^2)VMware and Virtualization ConsultantCommented:
It may be better to remove these workstations from the Domain, and add to Domain when using them.

or Check the other Articles for GPO Policies, which could be applied to a Container.
0
Never miss a deadline with monday.com

The revolutionary project management tool is here!   Plan visually with a single glance and make sure your projects get done.

 
neptuneitAuthor Commented:
The passwords on the accounts used to log into these machines are set to never change.  So would that still apply?
0
 
Andrew Hancock (VMware vExpert / EE MVE^2)VMware and Virtualization ConsultantCommented:
I'm sorry I'm not discussing User Accounts.

When you Add a Workstation to a Domain, at the time it's joined, a Machine Account Password is Exchanged with the Machine. This expires every x days, set by AD!

No MACHINE ACCOUNT PASSWORD (internal on machine!).

Not user Accounts.
0
 
neptuneitAuthor Commented:
Okay.  I misunderstood.  That makes perfect sense.  Thanks for the feedback.
0
 
Andrew Hancock (VMware vExpert / EE MVE^2)VMware and Virtualization ConsultantCommented:
0

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

  • 5
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now