So I’ve never run into this in my home lab (yet), but I have run into this in our EMC Demo lab once. I decided that I should blog about it just in case someone else runs into this or even better, so I don’t’ forget :)
Here is the story: Someone in the lab cloned a Windows 2008 R2 server (vm) in vCenter and didn’t get a chance to finish up the “customization” before it was powered on. Unfortunately the server they cloned happened to be the vCenter server so when the clone was brought on line, well let’s just say the vCenter server amd Active Directory had issues. When you attempted to log in we would get the following error message
“The Security database on the server does not have a computer account for this workstation trust relationship”.
Normally this is a pretty quick and painless fix. Essentially you need to remove the server from the domain and re-add it. The problem is this VM was setup a year ago and no one remembered the local admin user account. To add insult to injury since the AD wasn’t happy with that server we were in a catch 22. We were stuck at the login screen with no way to get into the system. I was running out of ideas when in talking with one of my Team04 Rockstars Tyler Baker (@vtylerbaker) he suggested removing the Ethernet cable from the back of the host and seeing if we could get it to just use its cached AD credentials similar to what you do with your Laptop or Desktop when you are not connected to the network. Well since I was at home, I wasn’t going to drive into the lab just to test it so I did the next best thing. I logged into the vShere host, right clicked on the VM and went to “edit settings” then clicked on “Network Adapter” and then just unchecked the “Connected” box for the adapter.
That essentially disabled the Ethernet port. I then went to the console and was able to log in with no problems !! Once I was in I re-set the administrators password and also added me as a local admin (just in case). I then went back into the vSphere Client and re-enabled the Ethernet port and went about removing the VM from the Domain and then bounced the VM, logged in with the local admin account, re-added the VM to the domain and then all was right with the world !!
I LOVE it when a plan comes together !! By the way, i’ve now used that trick for another issue i’ve run into with my Macbook Air + Fusion + EMC Windows 7 Image. I’ll save that for another post. Needless to say, disabling the network connection has come in handy a couple of times !!
@vTexan <– follow me on twitter
4 Responses to “Quick fix to an AD issue with a VM”
Leave a Reply
- How to setup your first Desktop Pool in VMware View 5
- How to install configure and deploy VMware View 5 on vSphere 5
- The VMware Home Lab
- FastCache-the answer to the Automated Storage Tiering Problem
- How To Install EMC ProSphere
- Vblock: the answer to the NRE time problem
- VMware is not evil - my opinion on their new licensing model
- Installing VMware View 5 Connection Server in vSphere 5