Solved: Side effect of restoring from snapshot on AD-joine...

vadm168 · ‎08-17-2018

Hi,

I have a CentOS 7 VM and there were snapshots taken. The VM is joined to AD. The VM owner had to restore to a snapshot taken 2 weeks ago. We notice after the restore, all AD users could not log in any more presumably because Kerberos already expired. Is this a preventable problem from VMware's perspective? Is there a way not to leave and rejoin the VM to restore AD users' access?

Thanks,

daphnissov · ‎08-17-2018

There's nothing VMware (the company) or vSphere (the technology) can really do here. This is AD being just how AD works. Any time you revert a snapshot on a machine of that age that is joined to AD, you'll just have to have it rejoin to get those auths to work. A snapshot can't selectively revert data since it works at a block level.

------------------
How to Ask for Help on Tech Forums
https://neonmirrors.net

View solution in original post

daphnissov · ‎08-17-2018

There's nothing VMware (the company) or vSphere (the technology) can really do here. This is AD being just how AD works. Any time you revert a snapshot on a machine of that age that is joined to AD, you'll just have to have it rejoin to get those auths to work. A snapshot can't selectively revert data since it works at a block level.

------------------
How to Ask for Help on Tech Forums
https://neonmirrors.net

vadm168 · ‎08-17-2018

In fact, I'd assume Windows VMs will have the same issue?

daphnissov · ‎08-17-2018

They absolutely will.

------------------
How to Ask for Help on Tech Forums
https://neonmirrors.net

All

Side effect of restoring from snapshot on AD-joined Linux VM