Question

[Hyper-V] Cannot access Nutanix container by using SMB

  • 15 January 2020
  • 4 replies
  • 1748 views

Userlevel 3
Badge +17

Hi,

I am having a Hyper-V cluster managed by a SCVMM with Kerberos enabled.

I already did:

  1. Join the cluster and hosts to domain
  2. Create the MSFC and join to domain
  3. Add hosts and Nutanix container share to SCVMM
  4. Enable Kerberos and configure Delegation

But, from each host, I currently cannot:

  1. Access to Nutanix container via SMB path (\\VIP\container). When I type the SMB path into file explorer, it requires me to login. I tried to use the AD account used to enable Kerberos on Prism as well as AD admin account but could not make it
  2. Create the VM (I could create the VM by using SCVMM instead). “Failed to create the virtual hard disk” error window appears every time  I try to create

Is this the normal behavior of the whole system? As I am quite new to Hyper-V, I am getting lost in finding the solution to solve it


4 replies

Userlevel 3
Badge +17

Any help on this please?

I am facing the same issue.

Userlevel 3
Badge +17

I am facing the same issue.

I resolved it by diving deeper about configuration.

About the first one related to SMB path, the reason is that I already ran the below command to enable SMB signing feature on host. 

Set-SMBClientConfiguration -RequireSecuritySignature $True –Force

→ As it is the optional command written in Kerberos settings in Nutanix guide AOS 5.5 above, you can safely disable OR do not need to run it when you configure Kerberos for Nutanix in case you do not so serious of security

About second problem, this MAYBE also relate to Kerberos as each host need a kerberos ticket to be granted access to Nutanix storage

→ use “klist tickets” in host Powershell to list current granted tickets that being allowed

Userlevel 3
Badge +17

I resolved 2 above problems by logging in to the host by a AD account that registered to and joined in the Admin group of the host.

In my case, I am using the account that being used to access the SCVMM server to login and create a temporarily VM in the host to get the Kerberos tickets.

We can use 2 commands: “klist tgt” and “klist tickets”, “klist sessions” to check whether the host has got the Kerberos tickets or not.

Then, log out and login again by local Admin account (if preferred). We can create the VM and access to Nutanix container without problems

Reply