VMware Cloud Community
socbizkaia
Contributor
Contributor
‎02-27-2020 02:03 AM

Cross vcenter vmotion: problem with windows VM

Hello,

We moved several Windows virtual machines from one vcenter to another vcenter (DRS between vcenters) thanks to powershell command Move-VM.

However, since the migration, several of our Windows virtual machines reported an error with the Active Directory: "The trust relationship between this workstation and the primary domain failed". We are having problems to recover from that error.

Is there any problem to do cross vcenter vmotion with windows virtual machines?

Should we do something special to move Windows virtual machines?

Thanks,

Christian

Tags (2)
0 Kudos
9 Replies
T180985
Expert
Expert
‎02-27-2020 02:13 AM

Ive never experienced issues like this when vMotioning VMs between vCenters. I assume the VMs still have access to the same AD server?

MS suggests you may need to reconnect them to the domain :smileyshocked: https://support.microsoft.com/en-gb/help/2771040/the-trust-relationship-between-this-workstation-an...

Please mark helpful or correct if my answer resolved your issue. How to post effectively on VMTN https://communities.vmware.com/people/daphnissov/blog/2018/12/05/how-to-ask-for-help-on-tech-forums
0 Kudos
Alex_Romeo
Leadership
Leadership
‎02-27-2020 02:32 AM

Hi,

they have lost the relationship of trust towards the domain controller. The only thing you can do and put them back in Workgroup, restart the vm and put it in the domain again (Rejoin).

The next time there is a need to review the command and the sequence of moving the VMs

---------------------------------------

Trust relationship failed between Workstation and Domain • Nolabnoparty

A quick solution

Log on as Local Administrator on the server with the problem and open the Command Prompt.

It is necessary to identify where the netdom utility is located, probably \ Windows \ System32 folder.

Using the netdom utility, type the following command:

netdom.exe resetpwd /s:<domaincontroller> /ud:DOMAIN\<administrator> /pd:*

example: C:\Windows\System32>netdom.exe resetpwd /s:w2k8r2-dc01 /ud:NOLABNOPARTY\Administrator /pd:*
pastedImage_2.png
If you log in to the system again, the error message is no longer displayed.

ARomeo

Blog: https://www.aleadmin.it/
0 Kudos
socbizkaia
Contributor
Contributor
‎02-27-2020 02:32 AM

Yes of course, the VMs are moved and assigned to the same VLAN without modifying the IP address so there should not be any networking problems.

0 Kudos
socbizkaia
Contributor
Contributor
‎02-27-2020 02:37 AM

AlessandroRomeo68 why do you say: The next time there is a need to review the command and the sequence of moving the VMs ?

The cross vcenter vmotion can break the trust relationship between VM and the domain controller?

Thanks!

0 Kudos
Alex_Romeo
Leadership
Leadership
‎02-27-2020 02:54 AM

Hi,

I don't know in which order you moved the servers, but normally at the end of the transfer you always lose some connectivity (even minimal), if at that moment the Server has to communicate with the domain controller and does not find it available, it can interrupt the relationship of trust (not always but it can happen).

That's why I said to review the move order. This also happened to me last year. The next time I did it by installing Veeam Backup & Replication (free version), connecting the two vCenters. I then used the "Quick migration" function and managed the movement of the 32 vm server without errors.

ARomeo

Blog: https://www.aleadmin.it/
0 Kudos
socbizkaia
Contributor
Contributor
‎02-27-2020 06:11 AM

We moved the servers one by one, in sequential order. This would be the most appropriate method or do you suggest another way?

0 Kudos
Alex_Romeo
Leadership
Leadership
‎02-27-2020 07:12 AM

Hi,

I would say that one at a time is the best solution and the "domain controllers" in the end.

Look at this link which can be useful next time to have less problems.

Did you re-join the servers to the domain? or run the command I gave you in the previous answers?

Cross vCenter Workload Migration Utility | VMware Flings

ARomeo

Blog: https://www.aleadmin.it/
0 Kudos
socbizkaia
Contributor
Contributor
‎02-27-2020 07:49 AM

Hi,

yes I already knew the "Coss vCenter Workload Migration Utility", however I preferred to use the Move-VM cmdlet of PowerCLI because it is better to script since I need to move hundreds of virtual machines.

The admins of the affected Windows Virtual Machines (only 3 of about 20 windows VMs because until now I only moved about 70 virtual machines) are trying to rejoin the affected virtual machines to the active directory. However, it seems that every time they reboot the virtual machines, they lose the trust relationship with the active directory and they need to rejoin again. It is a mesh.

0 Kudos
Alex_Romeo
Leadership
Leadership
‎02-27-2020 08:36 AM

There are many machines ...

try Veeam's fast migration, download the free version, hook up the two vCenters and you can manage the migration of VMs from one vCenter to another without problems.

Veeam Download

Backup software for virtual, physical and cloud - Veeam Backup & Replication

Migration:

Migrating VMs - Veeam Backup Guide for vSphere

ARomeo

Blog: https://www.aleadmin.it/
0 Kudos