Server HyperV Replication using Kerberos

matmos
matmos used Ask the Experts™
on
I replaced a Server 2012 HyperV box with a new Server 2016 HyperV box - got all the VMs over and working using replication - had to use certificates which was very involved to generate due to issues with names of 2 servers in the certificates.
Now wish to have the new ServerV2016 box replicating all its VMs to a similar new Server2016 box so if Im correct if a VM stops working on the main it will switch to the second.

They are in a workgroup and not on the VMs domains.

Im trying to use kerberos in port 80 rather than doing certificates all over again - is this possible in a workgroup as when I try - it sees the replica box but upon finish I get error no credentials are available in the security package.
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
James MooreGeneral Manager

Commented:

Author

Commented:
Thank you - My setup is as per your 2nd link - but I get the message at the end No credentials are available in the security package (0x8009030E)

The article states the following but not how to specify which primary servers are permitted.

Note: Replica Server Authorization

After deciding authentication types, specification of which primary servers are permitted to replicate virtual machines to your Replica server is required. Authorization can be allowed from any authenticated server, or a specified primary server

NB My servers are not on the domain
James MooreGeneral Manager

Commented:
This could be permission issue. As this is workgroup environment. make sure Everyone and Authenticated Users have been added in local policy "Access this computer from the network" on both Hosts. To do that, please add the account Computer Configuration | Windows Settings | Security Settings | Local Policies | User Rights Assignment | Access this computer from the network and run the gpupdate /force to check the result.
PMI ACP® Project Management

Prepare for the PMI Agile Certified Practitioner (PMI-ACP)® exam, which formally recognizes your knowledge of agile principles and your skill with agile techniques.

Author

Commented:
Sorry same error - one point when enabling replication on the VM and entering the replica servername - it allows me to continue but has a messasge could not get configuration details of the specified server.

I think i have no choice but to use the certificate method- which doesnt make sense as kerberos should work.
James MooreGeneral Manager

Commented:
OK fair enough, it is recommended to use certificates anyway to encrypt the traffic.
Distinguished Expert 2018

Commented:
Kerberosbauthenticared replication requires a domain. Otherwise there'd be. I way to validate the ticket.
Commented:
Configured using self signed cert.

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial