How to Add Hyper-V Hosts in a Disjointed Namespace in VMM
Updated: January 15, 2013
Applies To: System Center 2012 - Virtual Machine Manager, System Center 2012 SP1 - Virtual Machine Manager
You can use the following procedure to add Hyper-V hosts or Hyper-V host clusters that are in a disjointed name space as managed Hyper-V hosts in System Center 2012 – Virtual Machine Manager (VMM).
A disjointed name space occurs when the computer’s primary Domain Name System (DNS) suffix does not match the domain of which it is a member. For example, a disjointed namespace occurs when a computer that has the DNS name of HyperVHost03.contosocorp.com is in a domain that has the DNS name of contoso.com. For more information about disjointed namespaces, see Naming conventions in Active Directory for computers, domains, sites, and OUs.
Before you begin this procedure, make sure that the following prerequisites are met:
The System Center Virtual Machine Manager service must be running as the local system account or a domain account that has permission to register a Service Principal Name (SPN) in Active Directory Domain Services (AD DS).
Before you can add a host cluster that is in a disjointed namespace to a VMM management server that is not in a disjointed namespace, you must add the Domain Name System (DNS) suffix for the host cluster to the TCP/IP connection settings on the VMM management server.
If you use Group Policy to configure Windows Remote Management (WinRM) settings, understand the following before you add a Hyper-V host to VMM management:
VMM supports only the configuration of WinRM Service settings through Group Policy, and only on hosts that are in a trusted Active Directory domain. Specifically, VMM supports the configuration of the Allow automatic configuration of listeners, the Turn On Compatibility HTTP Listener, and the Turn on Compatibility HTTPS Listener Group Policy settings. Configuration of the other WinRM Service policy settings is not supported.
If the Allow automatic configuration of listeners policy setting is enabled, it must be configured to allow messages from any IP address. To verify this, view the policy setting and make sure that the IPv4 filter and IPv6 filter (depending on whether you use IPv6) are set to “*”.
VMM does not support the configuration of WinRM Client settings through Group Policy. If you configure WinRM Client Group Policy settings, these policy settings may override client properties that VMM requires for the VMM agent to work correctly.
Note The WinRM policy settings are located in the Computer Configuration\Administrative Templates\Windows Components\Windows Remote Management (WinRM) node of the Local Group Policy Editor or the Group Policy Management Console (GPMC).
- VMM supports only the configuration of WinRM Service settings through Group Policy, and only on hosts that are in a trusted Active Directory domain. Specifically, VMM supports the configuration of the Allow automatic configuration of listeners, the Turn On Compatibility HTTP Listener, and the Turn on Compatibility HTTPS Listener Group Policy settings. Configuration of the other WinRM Service policy settings is not supported.
To add a Hyper-V host in a disjointed namespace
Follow the steps in the topic How to Add Trusted Hyper-V Hosts and Host Clusters in VMM. Note the following:
On the Credentials page, enter credentials for a valid domain account.
On the Discovery scope page, enter the fully qualified domain name (FQDN) of the host. Also, select the Skip AD verification check box.
- On the Credentials page, enter credentials for a valid domain account.
On the last page of the wizard, click Finish to add the host.
When you use the Add Resource Wizard to add a computer that is in a disjointed namespace, VMM checks AD DS to see if an SPN exists. If it does not, VMM tries to create one. If the System Center Virtual Machine Manager service is running under an account that has permission to add an SPN, VMM adds the missing SPN automatically. Otherwise, host addition fails.
If host addition fails, you must add the SPN manually. To add the SPN, at the command prompt, type the following command, where <FQDN> represents the disjointed namespace FQDN, and <NetBIOSName> is the NetBIOS name of the host:
setspn -A HOST/<FQDN> <NetBIOSName>
For example, setspn –A HOST/hypervhost03.contosocorp.com hypervhost03.
Tip To view a list of registered SPNs for the host, at the command prompt, type setspn -l <NetBIOSName>, where <NetBIOSName> is the NetBIOS name of the host.
For additional resources, see Information and Support for System Center 2012.
Tip: Use this query to find online documentation in the TechNet Library for System Center 2012. For instructions and examples, see Search the System Center 2012 Documentation Library.