After upgrading to Windows 2008 R2 can't start VM's

모든 응답

• 2009년 9월 14일 월요일 오전 5:56

  중재자

   

   
  

  0

  Hi,

   

  I noticed that you have Symantec AV installed on your Hyper-V host, please uninstall Symantec AV to test whether the VMs work.

   

  If the issue continues, please help me to collect the following information:

   

  1.    What’s the warning when you tried to upgraded the Hyper-V host?

  2.    Did you get any error when you start the VM after the upgrade?

   

  In addition, generally speaking, we don’t recommend that you keep Domain Controller on a Hyper-V host machine.

   

  I also include the following post, hope it helps:

   

  can not start any VM (failed to initialize: Microsoft Key-Vlaue Pair Exchange Component

  http://social.technet.microsoft.com/Forums/en-US/winserverhyperv/thread/25e3a4db-b868-4f8b-a45f-47b6bba54542

   

   

  Best Regards,

  Vincent Hu

   

   
• 2009년 9월 14일 월요일 오후 2:56

   

   
  

  0
  Vincent,
  
  Thanks for the response.  I appreciate any help I can get.  The "'Symantec AV Manager'" was actually the name of the virtual machine I was trying to create.  Nevertheless, you are correct.  Symantec Endpoint Protection is installed.  I uninstalled it.  There is no change.  I cannot start any newly created virtual machine or the imported VM.
  
  Below is the compatibility report from the installation of Windows 2008 R2 over Windows 2008, both enterprise editions.  This is the warning I mentioned in my initial post.  To answer your second question, the errors I get when I try to start a virtual machine are included in the initial post - event ID 3040 and 3080.  The server is a lab server and not in production.  It has AD for testing purposes.  This configuration worked great before upgrading to R2.  Most of my customers are small and I am trying to come up with ways to virtualize machines in a small business environment, which is why the lab machine has AD.
  
  

  Before continuing with the upgrade, make sure software vendors support your software on Windows Server 2008 R2. Follow their software specific recommendations before and after the upgrade. To verify software compatibility on the Windows Server Catalog and to download tools and documentation, go to http://go.microsoft.com/fwlink/?LinkID=85172 Important: If the software isn’t supported on Windows Server 2008 R2, or if the software vendor does not support software that is installed during the upgrade of the operating system, uninstall that software before you upgrade. If you do not uninstall the software, your system will be unsupported, the software might not work, and software settings or other information might be lost.

  
  

  •  

  •  

  •  

  •  

  •  

  Upgrading Windows will affect the following features:

  
  

  • Turn off these Windows features.

  •  
    • Microsoft Hyper-V – Please read Microsoft Knowledge Base article: 957256
   
• 2009년 9월 14일 월요일 오후 3:55

   

   
  

  0

  Vincent,
  
  I read through the link on the Microsoft Key-Vlaue Pair Exchange Component.  Everything checked out okay.  The only thing I could not check was item five in one of the posts, "Check permissions on root\CIMV2 and root\virtualization by selecting the node and pressing "Security'."  I was able to check it, but the post did not say what it should be.  I changed Network Service to add full write and partial write.  All the Hyper-V services were stopped and then started.  Still can't start any VM's.

   
• 2009년 9월 15일 화요일 오전 10:41

  중재자

   

   
  

  1

  Hi,

   

  Please perform the following suggestions to test whether it works:

   

  1.    Add [network service] with [full control] under C:\ProgramData\Microsoft\Windows\Hyperv\InitialStore.xml

  2.    Set [start] value to [4] for HKLM\System\CurrentControlSet\Services\imbdrv

  3.    Set [Administrator] with [full control] under [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4D36E97D-E325-11CE-BFC1-08002BE10318}]

   

  By the way, please right click on one of your VHD, navigate to permission tab, check whether there are a item like the following in red on your VHD.

  Note: 78BA5D96-0EEE-405E-B16D-F240DD23B307 is the GUID of one this VM on my Hyper-V machine.

  

   

  If the issue continues, please use Process Monitor to capture a file and registry access trace while attaching a VHD file to a VM. After that, please send the log file for further research.

   

  Process Monitor

  http://technet.microsoft.com/en-us/sysinternals/bb896645.aspx

   

  How to use Process Monitor

   

  1.    Please download Process Monitor,

  2.    Please run Process Monitor and then start a problematic VM.

  Note: The Process Monitor will captured automatically after you start it, if it doesn’t start, you can click Capture on the toolbar menu or press “Ctr + E”to start it.

  3.    Once the error occurred, please click File menu, uncheck Capture Events, click Save, exported the events to Logfile.CSV

  4.    Please upload the file and then use Windows Live SkyDrive (http://www.skydrive.live.com/) to upload the file and then give me the download address.

   

  In addition, as you are in a test environment, please remove AD from this Hyper-V host machine to test whether it works.

   

   

  Best Regards,

  Vincent Hu

   

   
• 2009년 9월 15일 화요일 오후 12:33

   

   
  

  0
  Vincent,
  
  

  I did items one and three in your instructions.  There is no registry entry on the w2008 R2 server for HKLM\System\CurrentControlSet\Services\imbdrv.  If this is a necessary entry, can you send me everything that belongs in it and I will create it.  Tried to start a VM with no luck after making the permission changes.  This afternoon I will get you the Process Monitor information (client appointments today).
  
  Tony

   
• 2009년 9월 16일 수요일 오전 1:02

   

   
  

  0
  Vincent,
  
  I created the process monitor file you requested.  This is the first time I have done this, so if it's wrong let me know and I'll try again.  Also, first time using skydrive live.  I copied the URL where the file was placed.
  
  http://cid-f77d585d18493335.skydrive.live.com/browse.aspx/.Public?uc=1
  
  Tony
   
• 2009년 9월 16일 수요일 오전 9:56

  중재자

   

   
  

  1

  Hi,

   

  Before we perform the further research, I'd like to confirm whether you have shutdown the VMs and then merged or deleted the snapshots before you perform the upgrade. The VMs in save state or have snapshots while upgrading will cause some expected issue.

   

  For more information, you can refer to:

   

  949222 Virtual machines that were created on the beta version of the Hyper-V role do not start after the Hyper-V role is updated to a later version

  http://support.microsoft.com/kb/949222

   

  Hyper-V and in-place upgrade to Windows Server 2008 R2 Release Candidate

  http://blogs.technet.com/jhoward/archive/2009/05/05/hyper-v-and-in-place-upgrade-to-windows-server-2008-r2-release-candidate.aspx

   

  If you have done the above processes, please save all the event log of Hyper-V and send it to me, the log file is not enough for further research, thanks for your understanding!

   

   

  Best Regards,

  Vincent Hu

   
• 2009년 9월 16일 수요일 오후 2:25

   

   
  

  0
  I actually exported the only VM that was on the server before the upgrade.  Then I shut the VM down and deleted it.  One of the articles I read gave three ways to upgrade your VM's, and that seemed the easiest way to do it and the surest way to ensure no problems during the upgrade to W2008 R2.  You will note in my original post that an imported VM started all this.
  
  The Hyper-V event log is here:
  
  http://cid-f77d585d18493335.skydrive.live.com/browse.aspx/.Public?uc=1
  
  Tony
   
• 2009년 9월 16일 수요일 오후 3:52

   

   
  

  0

  Have you tried to remove the Domain Controller from the Hyper-V host mahcine? I have tried to imported a VM (exported from Windows Server 2008 Hyper-V) on R2 without any issue.
  

   

   
• 2009년 9월 17일 목요일 오전 12:30

   

   
  

  0
  I was hoping to avoid removing the domain controller role.  Even though it is a lab server, I have numerous workstations joined to the domain.  Besides, why would this work with no problems in W2008 and not W2008 R2?  Do you think the server being a domain controller would interfer and if so in what way?  It would be important for me to know.  Quite a few potential client jobs depend on this test going as well on R2 as it did on the previous version.
  
  Tony
   
• 2009년 9월 17일 목요일 오전 2:03

   

   
  

  6
  Hello,
  
  I had the same problem after Win2k8 RTM to R2 upgrade.
  
  In my case it was NTFS permissions problem (which actually wasn't a problem for Hyper-V in Win2k8 RTM).
  
  Previously, I have changed default D: drive permissions to only allow 'Full Access' for Administrators and SYSTEM group to root of the D: drive.
  
  I solved my problem by adding 'Authenticated Users' group to the root of D: drive and allowed 'List' permission with a scope 'This folder only' (You should do this via Advanced permission management).
  Just in case: do NOT check 'replace all child object permissions', otherwise you will need to recreate all your VMs configurations from scratch.
  
  Hope this helps,
  Jevgenij

  • 답변으로 표시됨 Pronetserv 2009년 9월 17일 목요일 오후 1:22
  • 편집됨 Jevgenij Martynenko 2009년 9월 18일 금요일 오전 1:27 typos
  •  
   
• 2009년 9월 17일 목요일 오후 1:28

   

   
  

  0
  Oh, for Petes sake!!!  That worked!  Such a simple fix.
  
  Thanks, Jevgenij.  You're a lifesaver.  I knew it was a permission problem all along but just could not figure out what was missing.  My setup was identical to yours and apparently created the same problem
  
  Thanks again and to everyone else who responded and lent a hand.
  
  Tony
   
• 2009년 9월 17일 목요일 오후 5:17

   

   
  

  0
  Awesome!  Worked for me as well.
  
  Out of curiosity, how did you figure out which specific permission was needed?
   
• 2009년 9월 18일 금요일 오전 1:21

   

   
  

  0
  Hey, David.
  
  I used Process Monitor from Sysinternals.
  Tried to start VM, filtered out all SUCCESS and unrelevant events and one them was showing failed access to the D: drive.
  Took some time though...
  
  Generally, I kind of used to the problem when you remove Users or Everyone group from the root of the drive.
  Several products need to access the root for some reasons, thought bypass travers checking is allowed for Everyone.
  
  Glad to help!

  • 편집됨 Jevgenij Martynenko 2009년 9월 18일 금요일 오전 1:29 typos
  •  
   
• 2009년 9월 18일 금요일 오전 1:26

   

   
  

  0
  Your welcome, Tony.
  
  Really, this problem is not specific to Hyper-V - several products require access to list the root drive (for some reason).
  For some time I have been setting the permission to list the root drive for Authenticated Users as a common practise for new servers.
  But this server was installed some time ago.
  
  Glad to help!
   
• 2009년 9월 21일 월요일 오전 5:40

  중재자

   

   
  

  0

  ·         Hi Jev,
  
  Thanks for your sharing!
  

   
• 2009년 9월 21일 월요일 오전 5:40

  중재자

   

   
  

  0

  ·         Hi Jev,

   

  Thanks for your sharing!

   

   

  Best regards,

  Vincent Hu

   
• 2010년 6월 2일 수요일 오후 1:40

   

   
  

  0

  Anyone had this problem on the C: drive of a Core R2 installation?  I have followed instructions on how to apply permissions here: 

  http://social.technet.microsoft.com/Forums/en-US/winserverhyperv/thread/fbf80eb7-9a8b-48c2-9611-15fac92de89e

  It's not working for me.  I still get the infamous "An attempt to initialize VM saved state failed."  Procmon tells me "NT AUTHORITY\NETWORK SERVICE" needs access to "C:\ProgramData\Microsoft\Windows\Hyper-V\Virtual Machines\C23C8810-4383-4170-9953-86E3113DCFB5\C23C8810-4383-4170-9953-86E3113DCFB5.vsv" but after applying:

   

  icacls "C:\ProgramData\Microsoft\Windows\Hyper-V\Virtual Machines\C23C8810-4383-4170-9953-86E3113DCFB5\C23C8810-4383-4170-9953-86E3113DCFB5.vsv" /grant "NT AUTHORITY\NETWORK SERVICE":F /T
  
  icacls "C:\ProgramData\Microsoft\Windows\Hyper-V\Virtual Machines\C23C8810-4383-4170-9953-86E3113DCFB5\C23C8810-4383-4170-9953-86E3113DCFB5.vsv" /grant "NT VIRTUAL MACHINE\C23C8810-4383-4170-9953-86E3113DCFB5":F /T
  
  icacls "C:\ProgramData\Microsoft\Windows\Hyper-V\Virtual Machines\C23C8810-4383-4170-9953-86E3113DCFB5" /grant "NT AUTHORITY\NETWORK SERVICE":F /T
  
  icacls "C:\ProgramData\Microsoft\Windows\Hyper-V\Virtual Machines\C23C8810-4383-4170-9953-86E3113DCFB5" /grant "NT VIRTUAL MACHINE\C23C8810-4383-4170-9953-86E3113DCFB5":F /T

   

  it still doesn't work.  I have also tried with /L even though they aren't links in my scenario.  So, maybe I should try "Authenticated Users" but I don't know the syntax for it and don't want to issue a command on the root of my C: drive without knowing what it's doing.  

  
  

  Anyone have any ideas?