VMM 2008 R2 in a Multi-Forest Environment

In my continuing work on building a private cloud offering with Hyper-V and System Center, I started work on a scenario today where the “fabric” management infrastructure is in a different Active Directory forest than the fabric hosts. This would be something you could see in a multi-tenant hosting scenario or similar situation where you have groups of hosts in different forests that you want to manage with a common infrastructure.

I knew Virtual Machine Manager 2008 R2 can work in this type of scenario but not having looked at it in depth before, I had to do some digging to get around a few problems, hence this post.

First, the couple of issues I ran into would have been avoided if I had read all the documentation first. Since none of us ever do that, it was Bing to the rescue.

So here are the three main things to remember when trying to add Hyper-V host clusters in one forest to a Virtual Machine Manager 2008 R2 installation in a different forest:

  • A Windows Server-based host can be in a domain separate from the VMM server's domain and a host can be in a domain with a two-way trust with the VMM server’s domain or in a domain that does not have a two-way trust with the VMM server’s domain.

This I knew and I configured a two-way forest trust between my two forests.

  • VMM does not support managing a host cluster on a perimeter network or in an AD domain that does not have a two-way trust with the VMM server’s AD domain.

This I did not know, but I had configured correctly already.

  • Before you add a host cluster that is in a disjointed namespace to a VMM server that is not in a disjointed namespace, you must add the DNS suffix for the host cluster to the TCP/IP connection settings on the VMM server.

This was the main issue I ran into. DNS was otherwise configured correctly and the trust was verified, but when I went to add the hosts and/or host cluster to VMM, I got an error 404 “The requested name is valid, but no data of the required type was found”. It was able to search AD for the server names but failed trying to add them. Following the documentation above, adding the DNS suffix to VMM for the domain the hosts were in resolved the issue and allowed me to add the hosts.
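One way to script the DNS suffix step on the VMM server, as an added example that is not from the original post or from the VMM documentation. The suffix `hosts.fabrikam.example` and the node name `HV01` are hypothetical placeholders, and the script assumes an elevated PowerShell session and that the suffix list is not being set by Group Policy.

```powershell
# Added example: append the host forest's DNS suffix to the VMM server's
# global suffix search list, then check that a host's short name resolves.
$hostSuffix = 'hosts.fabrikam.example'   # hypothetical: DNS suffix of the forest holding the hosts
$testHost   = 'HV01'                     # hypothetical: short name of one cluster node

# The global search list is stored as a comma-separated string in the registry.
$key     = 'HKLM:\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters'
$tcpip   = Get-ItemProperty -Path $key
$current = @($tcpip.SearchList -split ',' | Where-Object { $_ })

# An explicit search list replaces the default "append primary suffix" behaviour,
# so seed an empty list with the server's own primary suffix to keep local names resolving.
if ($current.Count -eq 0 -and $tcpip.Domain) {
    $current = @($tcpip.Domain)
}

if ($current -notcontains $hostSuffix) {
    $new    = [string[]]($current + $hostSuffix)
    $wmi    = [wmiclass]'Win32_NetworkAdapterConfiguration'
    $result = $wmi.SetDNSSuffixSearchOrder($new)
    # 0 = success, 1 = success but a reboot is required; anything else is a failure.
    if ($result.ReturnValue -notin 0, 1) {
        throw "SetDNSSuffixSearchOrder failed with return value $($result.ReturnValue)"
    }
    Write-Output "Search list is now: $($new -join ', ')"
} else {
    Write-Output "Suffix $hostSuffix is already in the search list."
}

# Verify: the short name should now resolve through the added suffix.
try {
    $entry = [System.Net.Dns]::GetHostEntry($testHost)
    Write-Output "$testHost resolves as $($entry.HostName)"
} catch {
    Write-Warning "$testHost still does not resolve: $($_.Exception.Message)"
}
```

Only add suffixes for domains you actually manage: every suffix in the list is tried for unqualified names, so an unneeded entry widens where short names can resolve.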

The following documentation links provide all the info needed for this scenario:

https://technet.microsoft.com/en-us/library/cc764275.aspx

https://technet.microsoft.com/en-us/library/cc917879.aspx

https://technet.microsoft.com/en-us/library/ee236431.aspx