We have multiple sites each with one Domain Controller. At our primary site the DC is on hardware, at our remote sites, the DCs are virtual machines running under ESXi. We have vSphere Essentials licensing.
The problem is that when I shut down a virtual machine domain controller, doing anything in that site's vCenter becomes impossible. Tasks don't complete, the UI becomes unresponsive. The only way to get anything done is to bypass vCenter and login with vSphere client as root directly to an ESXi host. One example would be migrating the DC virtual machine from one host to another. The only way I could move my DC when I needed to was to export OVF and re-import on the other host.
Why is vCenter so dependent on the local Domain Controller? vCenter is NOT installed on a DC. And we have alternate DNS servers.
Why does vCenter not find a Domain Controller at another site? Our domain is otherwise healthy, a downed domain controller at one site does not prevent normal domain functions, except for vCenter.
I am probably leaving out a lot of details here, but I just don't know where to start. I have searched for similar cases and found nothing.
Let me know what additional information I can provide.
Welcome to the Community - I think the issue is that the vCeneter server is relying solely on the local DC for authentication - I would check your ODBC connector might be relying on that DC for its authentication and when the DC is shut diwn it no longer can authenticate and when vCenter stop or has issues communicating to its database things become flaky -
OK, that makes sense, but I'm still not sure how to fix it. My ODBC DSN is configured for Integrated Windows Auth, but it still makes no sense for that to create a dependency on one and only one domain controller. I'm not fan of MSSQL, but seriously, is it that stupid?
Should I change my DSN to use SQL Server Auth?