Accounts for managing hosts in SCVMM 2012
I just learnt (the hard way) the correct way to add Hyper-V hosts to SCVMM.
You…
- should not use the service account used to run SCVMM admin service.
- should not use your own domain admin or admin level credentials.
Instead you should…
- Create a VMM host management account in AD.
- Add that AD account to the local admin group on all your Hyper-V hosts.
- Add that AD account to your VMM as a “Run As Account”.
- Then while adding a new host to VMM, specify that run as account as the account to be used to add that hyper- host.
Until I did it this way, I was having trouble in VMM. The VMM would lose connectivity to some of the Hyper-V hosts. I was getting this error in VMM:
Error (20552)
VMM does not have appropriate permissions to access the resource on the hyperv4p.xxx.xxx server.
Recommended Action
Ensure that Virtual Machine Manager has the appropriate rights to perform this action.Also, verify that CredSSP authentication is currently enabled on the service configuration of the target computer inp2420hyperv4p.nps.doi.net. To enable the CredSSP on the service configuration of the target computer, run the following command from an elevated command line: winrm set winrm/config/service/auth @{CredSSP=”true”}
Good luck!
PS: You may want to read my other post related to this error:
6 Comments
Andy
I found it helpful to add the computer account of the VMM server to the administrator group of the Hyper-V host when getting the error 20552.
The dude
Also, it is ideal to configure constrained delegation with kerberos authentication – http://technet.microsoft.com/en-us/library/jj134199.aspx
Rajeev
You are right…and I have also configured that. It is quite a painful process if one does not have domain admin rights…like me here. Lot of approvals needed 🙁
However, another Hyper-V team told me that you do not need delegation IF you are using SCVMM’s library feature. You can put ISOs in the library and mount them to your VMs from there. I tested it, that works too.
Joe
Thanks @Andy regarding adding the computer account. That worked like a charm.
I find the DEVS for SCVMM create unintuitive practices when it comes to updating, deploying, functionality.
Veljko Grubacic
These steps have helped me in solving problems with error 20522
Richard
I found that some Windows Update or Dell update had removed the VMM server from “Virtual Machine Manager Servers” Local Group on the Hyper-V host. Once I added the server back into the Local Group, and restarted the Hyper-V Virtual Machine Management service, things started to work again.