Windows Server HyperV 2012 > 2012 R2 > 2019
Cannot connect HyperV Manager to HyperV server after in-place upgrade when your domain controller is a virtual machine
So you’ve decided on your upgrade path and committed to action, only to find out your HyperV virtual machines cannot be seen on your network after upgrade.
My home lab operates on 2012 HyperV console, as you should know that means no GUI, which i am very happy with for many reasons. The attack surface is minimal, the resources aren’t needlessly used up and best of all its free
I decided to upgrade, mainly because testing Microsoft Intune meant i needed to enable TPM in HyperV, that and i was due an upgrade anyway
Microsoft HyperV Server 2012 > HyperV 2012 R2 > HyperV 2019
So I downloaded HyperV Server 2012 R2, created a bootable usb and performed an in-place upgrade on my HyperV
Once completed i immediately faced connectivity problems. My home lab is budget, which means my Domain Controller is a VM, yup you guessed it, hosted by the HyperV server
So how do i fix a network when i can’t remotely connect HyperV manager to the HyperV server? The problem being the authentication method is not contactable, the DC as a VM cannot approve the connection request to the HyperV server because the virtual switch is no longer configured properly
My suspicion is that with any in-place windows upgrade, the network adapters always tend to renew in some way shape or form
Know you’re setup
To really understand this problem and the solution I should probably describe my network setup
My hyperV box has 4 VMs and 2 virtual switchs
- swInternal (Internal LAN switch to my home LAN)
- swExternal (External WAN switch to my virgin router that is currently in “modem mode”)
- VM 1 = Firewall gateway (has two virtual NICs swInternal and swExternal)
- VM 2 = Domain controller (swInternal)
- VM 3 = webserver (reading this blog from it right now) (swInternal)
- VM 4 = test machine (constantly being destroyed and re created) (swInternal)
My setup is such that the firewall gateway VM has two network adapters, one for my internal LAN and one for the WAN. The rest of the VMs only have the internal LAN
Identify the problem
- We cannot connect or see any of the VMs on the LAN, cant ping anything
- We can’t connect HyperV manager to the HyperV server
- We can however connect directly using a spare keyboard, mouse and display. Login and then break out PowerShell
Solving the problem
There is a 99% chance that fixing the virtual switches will solve all our problems, so whats the process?
You will need to know a local admin account for your hyperv server
- 1. Shutdown all VMs
- 2. Review the current setup. Enumerate the Virtual Switchs, and VM adapters
- 3. Detach the adapters from the VMs
- 4. Destroy and recreate the virtual switches
- 5. Re attach the adapters to the VMs
sounds simple right? ok lets crack on
login to HyperV and execute the following PowerShell commands
|
|
Get-VMNetworkAdapter -all |
This will give you an idea of the current switch setup
From here you can tell I have two hardware NICs and one Virtual NIC on the HyperV machine itself
I also have two virtual switches
And the virtual machines have all been assigned accordingly
In a broken environment you would likely see no IP addresses, moreover the Status’s would be different
So now we need to destroy and recreate everything
- Stop all the VM’s
- Disconnect the virtual adapters from the VM’s
- Remove the virtual switch’s
- Recreate the virtual switches
- Re attach the virtual adapters
Stop all VM’s
I’ve filtered this command to only stop VM’s that are running
|
|
Get-VM | where {$_.State -eq 'Running'} | Stop-VM |
Disconnect the virtual adapters
I’ve filtered this command to filter out the swExternal virtual switch.
|
|
#disconnect the virtual adapters Get-VM | Get-VMNetworkAdapter | Disconnect-VMNetwokAdapter Get-VMNetworkAdapter -ManagementOS | where {$_.SwitchName -notlike "swExternal"} | Remove-VmNetworkAdapter |
Remove the HyperV virtual switch
I only want to remove the swInternal Switch
|
|
Get-VMSwitch -name swInternal | Remove-VMSwitch |
At this point I decided to rename my Network adapters on the Host, you dont have to do this at this stage.
|
|
#Take the opportunity to rename the adapters before proceeding if you wish Rename-NetAdapter -Name "Internal" -NewName "InternalIntegratec" Rename-NetAdapter -Name "External" -NewName "ExternalPCI" |
Re-Create HyperV Virtual Switch
I’ve shown here commands to create the external switches as if the External switch didnt exist. The only difference between the two is that I’m not allowing the swExternal switch management os connectivity.
The difference between a switch category of “internal” & “external” is that internal will isolate the switch from your LAN, keeping internal to the VM host. So basically if you want connectivity to your LAN, always create a virtual switch categorised as External, which is in fact the default category, so you dont need to specify it on creation
|
|
#Create our external switchs New-VMSwitch -name swInternal -NetAdapterName InternalIntegratec -AllowManagementOS $true New-VMSwitch -name swExternal -NetAdapterName ExternalPCI -AllowManagementOS $false #create the management OS adapter on the host and attach it to swInternal Add-VMNetworkAdapter -Name MGMT -ManagementOS -SwitchName swInternal |
If you want to tweak the settings on your newly created switches you can you the following command
|
|
#use the set-switch command to configure the switches as needed Set-VMSwitch swInternal -NetAdapterName "InternalIntegrated" |
Re-Attach the HyperV Virtual machine adapters
I’ve filtered this command to avoid adapters already connected to the swExternal switch here,
|
|
#Connect the adapters to the VM's Get-VM | Get-VMNetworkAdapter | Where {$_.SwitchName -notlike 'swExternal'} | Connect-VMNetworkAdapter -SwitchName swInteral #Enumerate virtual adapters once completed Get-VM | Get-VMnetworkAdapter |
Now that the HyperV Host adapters, and Virtual switch’s have been reconfigured you are now ready to start the VMs
At this point i’d recommend restarting your HyperV host, If you have a Domain controller as a VM you’ll need to.
If you are still having connectivity issues you can further diagnose the it by dropping the firewall of the HyperV host by running the following command
|
|
#Disable firewall Set-NetFirewallProfile -Profile Domain,Public,Private -Enabled False |
If you are having problems with network adapters not setting the correct connection profile, you can force the profile to change
|
|
#force a profile on a network adapters Get-NetConnectionProfile -InterfaceAlias "Ethernet1" | Set-NetConnectionProfile -NetworkCategory Public |
Mopping up
Finally we need to tidy-up the windows.old folder created on the root.
3 steps.
1. Take ownership of the folder
2. reset the security permissions
3. delete the folder
|
|
takeown /f c:\windows.old /r /d y icacls c:\windows.old /q /c /t /reset rd /s /q c:\windows.old |
