Planning for a Disjointed Namespace

  • Article

Applies To: Virtual Machine Manager 2008, Virtual Machine Manager 2008 R2, Virtual Machine Manager 2008 R2 SP1

System Center Virtual Machine Manager (VMM) 2008 and VMM 2008 R2 supports adding and managing hosts, including failover clusters, that are in a disjointed namespace, which occurs when one or more computers have a primary Domain Name System (DNS) suffix does not match the DNS name of the Active Directory Domain Services (AD DS) domain of which the computers are members. For example, a member computer that uses a primary DNS suffix of corp.fabrikam.com in an AD domain that is named na.corp.fabrikam.com is using a disjointed namespace. For more information about disjointed namespaces, see Naming conventions in Active Directory for computers, domains, sites, and OUs (https://go.microsoft.com/fwlink/?LinkId=123886).

Installing the VMM Server in a Disjointed Namespace

When you are installing the VMM server in a disjointed namespace, for the VMM service account you must specify a domain account that is a local Administrator on the computer. Do not use the local system account, which is the default setting. For more information, see Installing the VMM Server.

Note

If you use a domain account for the VMM service account, it is strongly recommended that you create an account that is specifically designated to be used for this purpose. When a host is removed from the VMM server, the account under which the VMM service is running is removed from the local Administrators group of the host. If the same account on the host is used for other purposes, this can cause unexpected results. Also, you should not use the same account for the VMM service account that you use for configuring a remote Microsoft SQL Server database for the VMM database. For more information, see Hardening the VMM Server.

Adding Hosts in a Disjointed Namespace

To add a host in a disjointed domain namespace, ensure that the credentials are valid and of a domain account. In addition, the VMM server must run as the local system account or a domain account with sufficient privileges to be able to impersonate other users.

When you add a host in a disjointed namespace, you must use the host’s fully qualified domain name (FQDN), exclude Active Directory name verification. When you use the Add Host Wizard to add a computer that is in a disjointed namespace, VMM checks AD DS to see whether an SPN exists, and if it doesn’t, VMM attempts to create one. If this does not work, you must add the SPN manually. For more information, see How to Add Hosts in an Active Directory Domain.

Before you can add a host cluster that is in a disjointed namespace to a VMM server that is not in a disjointed namespace, you must add the DNS suffix for the host cluster to the TCP/IP connection settings on the VMM server.

Integrating Operations Manager with VMM

If you are integrating System Center Operations Manager with VMM 2008 or VMM 2008 R2 and the root management server for Operations Manager is located in a disjointed namespace, you must use the fully qualified domain name (FQDN) when you specify the root management server. For more information, see How to Specify the Operations Manager Server for VMM.