Hello, today I set out to batch upgrade VMware-tools on all Windows VMs in our environment, to patch the vulnerability described in VMSA-2016-0010.

Something very strange happened, after upgrading about 500 VMs, I started getting tickets and alarms about our Terminal Servers not working properly.

They all responded to ICMP requests, but no longer responded on RDP. Also, trying to log onto the servers through the console resulted in an error message about there not being any Domain Controllers available.

The issue was resolved by rebooting the VMs, (which is not a desirable option since our external staff using these machines have things running on them that preferably should not be stopped.)

I was wondering if this is a known error or bug and if there is a known workaround, as I have quite a few VMs left to upgrade, several of them Terminal Servers.

Environment information:

Four physical sites, nine clusters. VMs seem to be affected regardless of cluster or site.

Six clusters running ESXi 6.0U2 (6.0.0, 3620759), three legacy clusters running ESXi 5.5.0, 3568722.

VMware vCenter Server running 6.0.0, 3634794

Affected VMs are running Windows Server 2008 R2 or Windows Server 2012 R2

Upgrade was done in batches of between 50-75 VMs at a time (manually, not scripted), by marking VMs in the user interface, right clicking them and choosing Install/Upgrade VMware-tools.

The following advanced option to suppress reboot was used: /S /v"/qn REBOOT=R"

I hope this information is sufficient for helping me figure out what happened. Thanks in advance.

/socius