alphaspirit - Fotolia
Although the benefits of live migrations are well-documented, the issue of actually initiating the migration is often overlooked or ignored until it's required. Administrators then must grapple with the dynamics of signing onto the servers to perform the migration. Think about system sign-on and authentication requirements before wrestling with live migrations. And there are two ways to authenticate a sign-on for Hyper-V live migration -- Kerberos or Credential Security Support Provider.
Kerberos, which can work remotely, is typically used when remote management tools are trusted to initiate live migrations, such as through System Center. In this case, select constrained delegation through the Active Directory Users and Computers console or via PowerShell and then choose Kerberos as the preferred authentication protocol. Kerberos can provide mutual authentication, ensuring that both ends of the connection are correct.
To initiate a live migration manually using Windows PowerShell scripts, remote desktop sessions or local console management, sign on to the originating server and use Credential Security Support Provider (CredSSP) to authenticate the migration process. CredSSP is simple and easy to use, but it requires a local login to the server originating the migration. This requirement works for most small- or midsize businesses, but it might not be practical for large enterprises with multiple remote facilities that require live migrations.
The local sign-on requirement for CredSSP can pose unexpected problems when the destination server is remote. If an admin signs onto a local server A and migrates a VM to remote server B, the sign-on works without issues because server A is local. But if IT teams need to move the VM from remote server B back to local server A, it may not be possible because they'd need to sign onto server B locally to initiate the migration back to server A. This is a common oversight that has come back to trouble many overworked administrators; the migration attempt will fail -- citing that no credentials are available.
Dig Deeper on Microsoft Hyper-V management
Related Q&A from Stephen J. Bigelow
While the Windows Admin Center is one way to manage the Azure Stack HCI platform, you can also use traditional, battle-tested tools. Continue Reading
There are many tools available on the AWS Marketplace for QA testing, making it difficult to determine where to begin. What should an enterprise look... Continue Reading
Hyper-converged infrastructure that runs on Windows Server is not a new concept, but Microsoft's Azure Stack HCI program has one big difference from ... Continue Reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.