Can't get passed Cluster Compute and Storage Network

[desmphil]

Hi, ive been following this guide so far.

I have a simple Domain Joined server with Windows 2022 and Windows Admin Center. My Hyper-V host is running fine and I have two VM with the latest Stack HCI source. Also Latest Admin Center, fresh installed.

When i get the the Cluster Define Network I'm stuck:

I tried every combination, private switch, internal switch, or external switch Different IP scheme, more VNIC, I can ping each scheme from the VM (shell).

I dont get why i would have a WINRM issue when i did configure everything else so far. I restarted all, vm, tried again. always gets to the same point.

Configuring Storage and Computer Network

Hyper-V VM networking

Creating Vswitches

ipconfig from the two VM:

Testing Cluster Network

Error:

Error:

We couldn't configure adapter

Message

We couldn't configure adapter Error We couldn’t configure and test network adapters. Please try again. Error: (1) RemoteException: The WinRM client cannot process the request. Default authentication may be used with an IP address under the following conditions: the transport is HTTPS or the destination is in the TrustedHosts list, and explicit credentials are provided. Use winrm.cmd to configure TrustedHosts. Note that computers in the TrustedHosts list might not be authenticated. For more information on how to set TrustedHosts run the following command: winrm help config.

(2) RemoteException: The WinRM client cannot process the request. Default authentication may be used with an IP address under the following conditions: the transport is HTTPS or the destination is in the TrustedHosts list, and explicit credentials are provided. Use winrm.cmd to configure TrustedHosts. Note that computers in the TrustedHosts list might not be authenticated. For more information on how to set TrustedHosts run the following command: winrm help config.

Any logs on the hosts i should look at?

[mattmcspirit]

Hi - is this nested in your own environment, or are you running this inside the Azure VM?

When the cluster networks are testing, have you seen a CredSSP popup that you needed to accept? It may have popped up behind your active window.

Thanks!

[desmphil]

1. Im using my own nested environnement with an HyperV running on Windows Server 2022.

But if this persist I will definitely reproduce in an Azure VM as documented, and get back to you.

Im always using Microsoft Edge, connected to the Windows 2022 Server. I also tried with Windows 11 (my desktop).

Never got any popup testing on both ends. I also tried installing Windows Admin Center on a desktop windows 10 on the same domain but I got the same result at the same network configuration.

I tried enabling Enable-WsmanCredSSP on the (Windows Admin Center) host running W2022 without any luck.

Enable-WSManCredSSP -Role "Client" -DelegateComputer "*.domain.ca"

Setup 1 domain controller. 1 host (windows 2022) running the Admin Center 1 host (Hyper-V) W2022 2 VM (AzureStackHCI_20348.288_en-us)

Philippe Desmarais

From: Matt McSpirit @.> Sent: Monday, November 8, 2021 4:44 PM To: Azure/AzureStackHCI-EvalGuide @.> Cc: Philippe Desmarais @.>; Author @.> Subject: Re: [Azure/AzureStackHCI-EvalGuide] Can't get passed Cluster Compute and Storage Network (Issue #68)

CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe.

Hi - is this nested in your own environment, or are you running this inside the Azure VM?

When the cluster networks are testing, have you seen a CredSSP popup that you needed to accept? It may have popped up behind your active window.

[Image removed by sender. image]https://user-images.githubusercontent.com/20191274/140822927-5fce3f93-991b-4d7c-8840-7071c679afb9.png

Thanks!

— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHubhttps://github.com/Azure/AzureStackHCI-EvalGuide/issues/68#issuecomment-963601824, or unsubscribehttps://github.com/notifications/unsubscribe-auth/ALREHANLMGCDZWPWTTQLHMDULBABHANCNFSM5HTXE7XA. Triage notifications on the go with GitHub Mobile for iOShttps://apps.apple.com/app/apple-store/id1477376905?ct=notification-email&mt=8&pt=524675 or Androidhttps://play.google.com/store/apps/details?id=com.github.android&referrer=utm_campaign%3Dnotification-email%26utm_medium%3Demail%26utm_source%3Dgithub.

[mattmcspirit]

Hey Philippe - there should definitely be a pop-up for CredSSP when you run the cluster test - so likely something may be causing it not to fire, or it's hidden behind an active window.

Could you please make sure popups aren't blocked in Edge, for your WAC hostname, and also, there's some additional CredSSP/WinRM troubleshooting guidance here:

https://docs.microsoft.com/en-us/azure-stack/hci/manage/troubleshoot-credssp

Did you create your AD Domain for this sandbox, or is it part of an existing domain which may have some Group Policies applied to your HCI nodes automatically?

Thanks! Matt

[desmphil]

Definitely no Popup, that’s for sure. So I modified Microsoft Edge to allow Popup and I will see.

This is a non-production domain I use for my own R&D. It as an Azure Path and Local Path to replicate most of the on-prem / cloud based setup.

Everything is under computers OU where not much GPO applied apart from default domain policy.

I will investigate further tomorrow.

Philippe Desmarais Expert Solutions Microsoft @. @. WWW.IT5.CAhttp://WWW.IT5.CA [SignatureCompagnyPhil_Red_300]

From: Matt McSpirit @.> Sent: Monday, November 8, 2021 5:13 PM To: Azure/AzureStackHCI-EvalGuide @.> Cc: Philippe Desmarais @.>; Author @.> Subject: Re: [Azure/AzureStackHCI-EvalGuide] Can't get passed Cluster Compute and Storage Network (Issue #68)

CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe.

Hey Philippe - there should definitely be a pop-up for CredSSP when you run the cluster test - so likely something may be causing it not to fire, or it's hidden behind an active window.

Could you please make sure popups aren't blocked in Edge, for your WAC hostname, and also, there's some additional CredSSP/WinRM troubleshooting guidance here:

https://docs.microsoft.com/en-us/azure-stack/hci/manage/troubleshoot-credssp

Did you create your AD Domain for this sandbox, or is it part of an existing domain which may have some Group Policies applied to your HCI nodes automatically?

Thanks! Matt

— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHubhttps://github.com/Azure/AzureStackHCI-EvalGuide/issues/68#issuecomment-963621682, or unsubscribehttps://github.com/notifications/unsubscribe-auth/ALREHALIZY76XRS2LK74VGLULBDM7ANCNFSM5HTXE7XA. Triage notifications on the go with GitHub Mobile for iOShttps://apps.apple.com/app/apple-store/id1477376905?ct=notification-email&mt=8&pt=524675 or Androidhttps://play.google.com/store/apps/details?id=com.github.android&referrer=utm_campaign%3Dnotification-email%26utm_medium%3Demail%26utm_source%3Dgithub.

[desmphil]

Allright so i managed to fix it.

1. DNS issue, the Stack HCI host would not register DNS properly on the domain even though everything is setup to do so.

   • I had to delete the DNS entries in the domain controller.

2. Validate CredSSP and everything else.

   • From the Hosts creating the Stack HCI, open the EventViewer of both remote computer and the Hyper-v console as well. If this works your good to manage the two VM’s
   • If these tests are successful, then instead of a winrm issue you get a network configuration error report.

3. I changed the private switches to the internal only switches on the Hyper-V hosts.

As per the popup itself never seen it

[Table Description automatically generated with medium confidence]

For whatever reason the Volume interface doesn’t allow me to create any volume When I click create, nothing happens, tried on google chrome, other VM, other hosts too It doesn’t show any errors or notification in the Bell either. I had to go in powershell with the new-volume command.

[Graphical user interface, text, application, email Description automatically generated]

My ultimate goal was to manage Everything ON-PREM from Azure but I don’t think were there yet…. Create VM still happens downstream, where I would have expected that from Azure ARC or STACK HUB, HCI everything Is from portal.azure.com Simplify IT

Unless im wrong.

Philippe Desmarais Expert Solutions Microsoft @. @. WWW.IT5.CAhttp://WWW.IT5.CA [SignatureCompagnyPhil_Red_300]

From: Philippe Desmarais @.> Sent: Monday, November 8, 2021 5:21 PM To: Azure/AzureStackHCI-EvalGuide @.>; Azure/AzureStackHCI-EvalGuide @.> Cc: Philippe Desmarais @.>; Author @.***> Subject: RE: [Azure/AzureStackHCI-EvalGuide] Can't get passed Cluster Compute and Storage Network (Issue #68)

Definitely no Popup, that’s for sure. So I modified Microsoft Edge to allow Popup and I will see.

This is a non-production domain I use for my own R&D. It as an Azure Path and Local Path to replicate most of the on-prem / cloud based setup.

Everything is under computers OU where not much GPO applied apart from default domain policy.

I will investigate further tomorrow.

Philippe Desmarais Expert Solutions Microsoft @. @. WWW.IT5.CAhttp://WWW.IT5.CA [SignatureCompagnyPhil_Red_300]

From: Matt McSpirit @.**@.>> Sent: Monday, November 8, 2021 5:13 PM To: Azure/AzureStackHCI-EvalGuide @.**@.>> Cc: Philippe Desmarais @.**@.>>; Author @.**@.>> Subject: Re: [Azure/AzureStackHCI-EvalGuide] Can't get passed Cluster Compute and Storage Network (Issue #68)

CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe.

Hey Philippe - there should definitely be a pop-up for CredSSP when you run the cluster test - so likely something may be causing it not to fire, or it's hidden behind an active window.

Could you please make sure popups aren't blocked in Edge, for your WAC hostname, and also, there's some additional CredSSP/WinRM troubleshooting guidance here:

https://docs.microsoft.com/en-us/azure-stack/hci/manage/troubleshoot-credssp

Did you create your AD Domain for this sandbox, or is it part of an existing domain which may have some Group Policies applied to your HCI nodes automatically?

Thanks! Matt

— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHubhttps://github.com/Azure/AzureStackHCI-EvalGuide/issues/68#issuecomment-963621682, or unsubscribehttps://github.com/notifications/unsubscribe-auth/ALREHALIZY76XRS2LK74VGLULBDM7ANCNFSM5HTXE7XA. Triage notifications on the go with GitHub Mobile for iOShttps://apps.apple.com/app/apple-store/id1477376905?ct=notification-email&mt=8&pt=524675 or Androidhttps://play.google.com/store/apps/details?id=com.github.android&referrer=utm_campaign%3Dnotification-email%26utm_medium%3Demail%26utm_source%3Dgithub.

[mattmcspirit]

Hi Philippe - whilst we're not there yet, the goal is to utilize Azure Arc to manage as much as possible for Azure Stack HCI. Today, with 21H2, you're right, a number of tasks still need to be performed locally, with either PS or WAC, but more operations are moving to Arc, as detailed in this recent Ignite blog post:

https://techcommunity.microsoft.com/t5/azure-stack-blog/what-s-new-for-azure-stack-hci-at-microsoft-ignite-2021/ba-p/2897222

So, VM deployment is one example, Arc-enabling the HCI hosts, integration with Azure monitor etc are all either coming, or available. In terms of VM management, through Arc you'll be able to deploy VMs either through the portal, or through templates etc.

Hope that helps, Matt