VMware Cloud Community
jameyw911
Contributor
Contributor
‎12-08-2021 08:04 AM

Domain Controller Issues with VMWare Tools

We have encountered an issue with virtualized domain controllers in our environment.  We know this is a multi-faceted problem but we also identified VMware Tools as part of the issue.

Our current domain controllers are Windows Server 2016 Datacenter.  They are virtual and have the following settings:
2 CPU, 4GB RAM, 90 GB HDD Thick Provisioned, 1 NIC (E1000).  They are NOT running VMware tools.

If we try to install VMware tools, the tools install fine and run ok but it is almost impossible to log back into the machine.  The machine comes up to the login screen and when you enter a username and password and hit enter, nothing happens.  The machine gets stuck in some state where some services are running and some are not.  DNS and DHCP servers do not always work.  After resetting the machine anywhere from 5-30 times, it is possible to login. 

We have built multiple new domain controllers.  If we start with a fresh server install with VMware Tools and promote it to a DC, the problem shows up.  If we start with a fresh server install without VMware tools and promote it to a DC, there are no problems.  Once promoted to a DC, if we add VMware tools, the problems start again.  We know this is unique to our environment/domain.  I built a new test domain with Server 2019 servers with VMware tools and everything works fine.

All of this started in VMware 6.5 and has persisted after upgrading to 7.0 u3.  (Yes, I know this has been recalled but we have not had any issues.  We are discussing rolling back to 7.0 u2 but since we went from 6.5 to 7.0 u3, I'm not sure what our options really are at the moment [topic for another post]).  I have no idea what in our environment might have triggered this but hoping someone has seen this and has a solution.  So far I haven't been able to find a solution and neither have MCSEs from two different MSPs.

0 Kudos
10 Replies
alantz
Enthusiast
Enthusiast
‎12-08-2021 12:43 PM

After you install VMware tools do you shut down the VM and edit the network hardware and set it to VMXNET3 ?

--Alan--

 

0 Kudos
jameyw911
Contributor
Contributor
‎12-08-2021 12:50 PM

Have tried changing to VMXNET3 or leaving it as E1000 and get the same results

0 Kudos
alantz
Enthusiast
Enthusiast
‎12-08-2021 01:03 PM

Mighty strange. Does it seem to matter the version of VMWare tools ? If not it does sound like something U3 related. 

--Alan--

 

0 Kudos
jameyw911
Contributor
Contributor
‎12-08-2021 01:07 PM

This issue started on 6.5 and we were hoping moving up to 7.0 u3 would fix it.  VMWare tools version doesn't matter, still produces same results.

Tags (1)
0 Kudos
AndrewBorn
Contributor
Contributor
‎12-08-2021 01:20 PM

We have been running multiple DCs under Windows Server 2016 Standard without seeing this behavior.  ESXi of both 6.5 and 7.0 involved.  Unfortunately not apples to apples (Datacenter vs. Standard), but close.

 

Perhaps a GPO setting that is applying to your DCs that is causing this behavior?  It sounds like a VM running Windows Server 2016 Datacenter does not suffer this issue, even with VMWare Tools installed.  So the change to a DC has to be the trigger. 

 

What about customizing your VMWare Tools install to see if a specific module causes the problem?

0 Kudos
jameyw911
Contributor
Contributor
‎12-08-2021 01:28 PM

We have combed through the GPOs several times and can't find anything out of the ordinary.  You are correct, member servers do not have this issue, only DCs. 

We didn't try customizing the VMware tools install but it is something to consider. 

We tried to build new 2019 Servers and promote them and the results were even worse.

At this point we are considering a complete domain rebuild.  Only other option is a call to Microsoft.

0 Kudos
alantz
Enthusiast
Enthusiast
‎12-08-2021 04:40 PM

I'm curious what you find out. I too run DC's on standard 2016, no issues. I am still U2 instead of U3, but you would think that is a close enough comparison. If not Group policies, maybe AntiVirus or some such thing. When you can't log on how is the networking? Does it ping? Can your RDP to it ? Is it stuck with Netlogon service? Maybe something in the Event Viewer would give a clue on what is not working network wise.

--Alan--

 

 

 

0 Kudos
Lalegre
Virtuoso
Virtuoso
‎12-08-2021 11:16 PM

Hey @jameyw911,

First of all, I recommend you to read this before maintainting the 7.0 U3 versions as there are a lot of critical issues: https://kb.vmware.com/s/article/86281 , https://kb.vmware.com/s/article/86398

Second, do you have any antivirus that could be blocking the VMware Tools?

 

0 Kudos
jameyw911
Contributor
Contributor
‎12-09-2021 06:20 AM

We have removed AV as a test with no change. 

Will read up on the links

0 Kudos
dmtml
Contributor
Contributor
‎03-04-2022 08:12 AM

Just curious if there was any update on this?

0 Kudos