Extend AD to Azure Site

I'm stumped. I am trying to extend my AD domain into an Azure site.   I have created a network and established a  Site to Site VPN I then created a windows 2012 R2 vm and a second vm using the same cloud service. If I look at this service
it shows the two instances. So far so good. I have my internal DNS servers set as the DNS for my network. I then RDP into the new VMs and join them to my domain. No problem. I can ping the new vm, I can rdp using domain credentials, etc. All good so far.
Now, I add the AD role to one of the VMs.  Perfect.   I then run the AD DS config wizard.  Select add a domain controller to an existing Domain, select the domain, and as I am logged in as a domain admin with full rights, leave the default
to use the signed in credentials.   Click next and get an error "Could not log onto the domain with the specified credentials".  What?  
I have never seen this before, and I have extended our domain into other data centers via site to site vpn. 
Is there something I need to change with the Network, Cloud Service, our VM? Is something being blocked that is preventing the authentication step necessary to contact our current AD DS servers?
In the past after getting my Site to Site VPN in place I have been able to promote a member machine without issue.  
Also, the same credentials were used to join the machine to the domain with no issues. 
In the new servers Event log it shows that the DFS replication service successfully contacted the domain controller to access configuration information.in the application event log I only see an error that the Open Procedure for servie "BITS" failed
But I also see an error in System event log that shows RPC call DC not responsive RPC call has been cancelled.  
Any advice on what to look for that might cause the RPC call to fail?  Thank you in advance
Fred Zilz

Ok, it looks like rpc is failing when going through the VPN.  I have a Juniper SRX100 on the On premise side.  If I run Get-WmiObject win32_computersystem -computer {computername} from one server to another on my local lan, it returns the computers
system info. If I run it from one AD server on my local lan to an ad server across a site to site vpn to a second location (SRX100 to SRX100) route base it also returns the computer information.
If I run this from one VM on my Azure site to another VM on the site it returns the computer information.  But, if I run this from a computer on my local lan to a vm on Azure it fails.  Running it from a vm on azure to a computer on my lan also
fails.  Note, I used the same machines for the tests local to local and local to external so it is not a local machine firewall policy.
Are there any settings for the VPN from the Azure side?   I am now looking to see if there is anything different on my VPN settings for my site to Azure VPN vs my site to second location VPN.
Fred Zilz

Similar Messages

  • Azure site recovery with existing extended replication

    I'm wondering if this is possible. I have two non-clustered hypervisors, which both replicate to the same primary replication server, which in turn performs extended replication to another offsite replication server. I cannot set more than a single
    replication target on the primary hypervisors or the primary replication system and you cannot extend replication past an already extended replication server. In order to use Azure site recovery would I have to stop my existing extended
    replication and just perform replication to Azure? How does a private cloud work with 2 non-clustered primary hypervisors and primary/secondary private clouds?

    Hi
    I am not sure if I got the nuance of the question - but as of today. Azure Site Recovery does not support the notion or workflow of extend-replication.
    This is applicable for replicating VMs from pointA->pointB->pointC (replace "point" with "server" or "cloud") & pointA->pointB->Azure (same as before, replace "point" with "server" or "cloud").
    Let's assume you have a replication setup for a VM between two VMM clouds - as of today, we do not have a workflow which allows you to "extend" the replica VM in the secondary cloud to Azure. Hope that helps.
    Praveen

  • Hyper-V VM not showing up in Azure Site Recovery

    Hello,
    I'm trying to set up Azure Site Recovery as "On-Premise Hyper-V site to Azure" - so without VMM.
    So far I've followed the steps from here: https://msdn.microsoft.com/en-us/library/azure/dn879142.aspx up
    to Step 5. That's where I'm stuck.
    Wen trying to set up protection for my VMs Azure is not recognizing my on premise VMs although there is one running on my Hypervisor: http://i.imgur.com/h8TnV46.png
    The Hypervisor got recognized within the Hyper-V site and the Recovery Services Agent and Site Recovery Service are running on my Hypervisor.
    The Hypervisor's event log (Microsoft -> Azure Site Recovery -> Provider -> Operational) shows that replication is triggered every 15 minutes as configured in Azure but no changes are commited to Azure.
    My Hypervisor is a freshly installed Windows 2012 R2. Not domain joined, no proxies. Firewall disabled.

    Hi,
    Check for FAQ on Azure site recovery for Hyper-V and other VM's
    http://social.technet.microsoft.com/wiki/contents/articles/21619.microsoft-azure-site-recovery-common-error-scenarios-and-resolutions.aspx
    Girish Prajwal

  • Maximum disk size for azure site recovery

    Hi everyone,
    I am looking into Azure Site Recovery, and I can't seem to find the maximum disk size I would be able to replicate into Azure.  I have read some articles saying that 1TB is the maximum size, and some people have said that it is 64TB!! I have a File
    Server that I would like to protect which is 4TB in size, and if the limit is 1TB I think it is very limiting...
    Any help would be greatly appreciated.
    Many Thanks.
    Robert Milner | MCITP: Virtualization Administrator | Website: http://www.remilner.co.uk | Twitter: @robm82

    Hello Robert,
    The current size limits for a VM replicating to Azure are :
    For an OS VHD (the vhd that has the OS Installation) : 127 GB
    For a Data VHD  (<1 TB)
    Is the size of your file server running on a single 4 TB volume?
    Anoop KV
    Hi Anoop,
    Our File Server is currently running on a single 4TB volume.  Do I have any options with regards to replicating this VM to Azure using Site Recovery?
    Many thanks.
    Robert Milner | MCITP: Virtualization Administrator | Website: http://www.remilner.co.uk | Twitter: @robm82

  • Can I see the list of Event's Notification types of Azure Site Recovery ?

    Can I see the list of Event's Notification types of Azure Site Recovery ?
    I want to verify Event's Notifications rather than "Virtual machine health is OK".
    Example senarios:
    senario 1. Disconnect the Ethernet cable.
      Can I get the notification e-mail at Disconnecting the Ethernet cable from the on-premises Hyper-V host ?
    senario 2. Turn off
      Can I get the notification e-mail at Turning off the protected Virtual Machine on the on-premises Hyper-V host ?
    senario 3. e-mail test
      Can I get the notification e-mail after turning on Event Notification ?
      Is e-mail address Collect ?
      Can I get e-mail without auto-Junk ?
    Regards,
    Yoshihiro Kawabata

    Hi Yoshihiro Kawabata,
    Thanks for bringing these requests to our attention. We currently do not have support for these three types of email notifications. I will add them to our backlog and we will enable support for them soon.
    Currently, we support email notifications only for replication issues. One example you can easily test is to Pause the replication of a virtual machine from the Hyper-V Manager UI. This should send an email notification.
    Let me know if this helps.
    Thanks
    Siva

  • Azure Site Recovery for HA workloads?

    Can Azure Site recovery be used for HA workloads?
    To my understanding Azure Site Recovery leverages Hyper-V Replica. What if my on-premises clouds are hosting HA SQL AlwaysOn cluster workloads?
    Thanks!

    Hello Quivver,
    Thanks for your query. Can you clarify if you are using SQL Always On Availability Groups or Failover Cluster Instance (FCI). If you are already using SQL Always On Availability Groups, we will recommend using the same to replicate SQL databases to DR site
    and using Azure Site Recovery to protect the app tier VMs and create a Recovery Plan to failover the entire Application.
    If you are using FCI instances then they cannot be replicated using Hyper-V Replica. We recommend enabling SQL log shipping or Availability group and orchestrating that with ASR recovery plan.
    Thanks,
    Abhishek Agrawal, PM, Azure Site Recovery

  • Azure Site Recovery to Azure - cost for data transfer and storage

    Hello,
    I send you this message on behalf of a small firm in Greece interested to implement Azure Site Recovery to Azure.
    We have one VM (Windows 2008 R2 Small Business Server) with 2 VHDs (100GB VHD for OS and 550GB VHD for Data) on a Windows 2012 server Std Edition.
    I would like to ask you a few questions about the cost of the data transfer and the storage 
    First: About the initial replication of the VHDs to Azure. It will be 650GBs. Is it free as inbound traffic? If not the Azure Pricing calculator shows about 57€. But there is also the import/export option which costs about the same:
    https://azure.microsoft.com/en-us/pricing/details/storage-import-export/
    What would be the best solution for our case? Please advice.
    Second: What kind of storage is required for the VHDs fo the VM (650GBs). My guess is Blob storage. For this storage locally redundant, the cost will be about 12-13€/month. Please verify.
    Third: Is the bandwidth for the replication of our VM to Azure free?
    That's all for now.
    Thank you in advance.
    Kind regards
    Harry Arsenidis 

    Hi Harry,
    1st question response: ASR doesn't support Storage Import/Export for seeding the initial replication storage. ASR pricing can be found
    here which details about 100GB of Azure replication & storage per VM is included with the purchase of the ASR to Azure subscription SKU through the Microsoft Enterprise Agreement. 
    Data transfer pricing
    here  indicates that inbound data transfers are free.
    As of now only option will be online replication. What is the current current network link type & bandwidth to Azure? Can you vote for the feature & update requirements here?
    2nd question response: A storage account with geo-redundancy is required. But as mentioned earlier with Microsoft Enterprise Agreement you will get 100GB of Azure replication & storage per VM included with ASR. 
    3rd question response: Covered as part earlier queries.
    Regards, Anoob

  • Microsoft Azure Site Recovery VM Metadate Replication

    Hello,
    We are in a process of investigating azure site recovery for On-Premise to azure replication, but we have seen strange behavior with our VM's after the initial replication.
    We installed a new VM with single disk .vhdx (containing the operating system only) with the size of 127 Gb as the default suggests, and we started replicating the VM to Azure. in the meantime we decided to add a second disk .vhdx file with 200GB in size
    and we figure that the replication will include the second .vhdx file (second disk) but it did not.
    the way we figured it out is by doing a failover test and we have seen that the second disk is missing, the only option of replicating the changes was by removing the replication and than adding it back, it seems that only the initial replication
    takes the metadata of the VM, is it by design?
    Ilan Saadi

    Hi Ilan,
    Your observation is correct; only during enabling the protecting we read the disk metadata and replicate.
    Currently we don't support replicating newly added disk to a protected virtual machine; this is part of the backlog and would request you to update the feature with your specific requirement details
    here.
    Regards
    Anoob

  • Azure site recovery Gen 2 VM support

    Why does Azure site recovery not support gen 2 VMs? When is support planned for Gen 2?

    Gen-2 VM support, as of today, is closely tied to the Hypervisor version (WS 2012 R2). When failing over the VM in Azure, the underlying hypervisor needs to support this capability (which isn't the case today) - we have heard this feedback from our customers
    and trying to find ways to unblock this. You can "vote" for this requirement @
    http://feedback.azure.com/forums/256299-site-recovery/suggestions/6085722-protection-for-generation-2-virtual-machines
    Praveen

  • Onsite Hyper-v servers to Azure Site Replication

    Hi 
      I am trying to create a Virtual Machine replication between on site Hyper-V 2012 R2 core server and Azure without SCVMM. When I run the Microsoft Azure Site Recovery Provider setup and on the Recovery Registration Wizard as soon as i Click browse
    to upload the Vault key file I get the below error. How do I resolve this error ? 
    Regards
    gprajan
    Regards Gprajan

    Hi,
    Please follow the below steps to solve your issue.
    1) Open an Admin Command Prompt
    2) Browse to the install location of Azure Site Recovery Provider (usually it is C:\Program Files\Microsoft Azure Site Recovery Provider\
    3) Run the following command
    DRConfigurator.exe /r /Credentials <PathtoRegistrationKeyFile> /FriendlyName <NameOfHyper-VHost>
    Regards,
    Anoop KV

  • Azure Site Recovery..

    1.On what scenario does the azure comes to know whether the server is up or down.
    2. Suppose only the network is down, but the servers are up and running, in that case will the vm in azure are failover is done or not?
     

    Praveen is spot on. There is a difference between high availability and disaster recovery. Azure Site Recovery leverages Hyper-V Replica - which is truly a DR solution. In most cases, this is something you would like to perform manually and requires interaction
    from the human being. 
    -kn
    Kristian (Virtualization and some coffee: http://kristiannese.blogspot.com )

  • Azure site recovery to Azure

    Hello everybody,
    Is it possible to recover Azure site to another data center in Azure? I coud'nt find any information about this, but in pricing there is a row:
    Azure Site Recovery to Azure
    €40.22/month per instance protected"
    (http://azure.microsoft.com/en-us/pricing/details/site-recovery/ )

    What do you mean ? You configured Azure site recovery to replicate from your datacenter to Azure, and you want now to replicate form Azure Datancenter to another Azure Datacenter (Exmaple US EAST to US WEST)
    Please give more explanation, what to you want exactly to do ?
    Regards, Samir Farhat Infrastructure and Virtualization Consultant || Virtualization, Cloud, Azure ? Follow and Ask here https://buildwindows.wordpress.com

  • Azure Site Recovery vs. Manual Failover?

    Hi all-
    I am designing a Windows Server 2012 R2 DR scenario using Hyper-V replica.
    Environment:
    Site A:  Primary Server (HP DL380 using DAS with Gen2 / VHDX VMs).  System Center VMM 2012 R2 management server and console installed on this Hyper-V host.  SQL database for SCVMM placed in one of the VMs on this host.
    Site B:  Replica Server (Identical HP DL380).
    Approximately 10Mbps WAN connection interconnecting the sites.
    I need to provide DR for approximately 5-6 VMs.  These will be running standard MS apps like SQL, SharePoint, etc.
    I am wondering if it's worthwhile to use Azure Site Recovery to orchestrate a small DR scenario like this or whether, due to its small size, I am better off just planning to use manual failover.
    Also, if I DO elect to use Azure site recovery, do I need to install the full SCVMM 2012 R2 Server and Console on the server, or will a management agent from the Primary Server do the trick?  If a full installation, I'm assuming I will need a full instance
    of SQL Server to host a separate database at Site B.  Am I correct?
    Thanks

    Hi,
    Azure Site Recovery is awesome, and I will recommend it to all who has a environment that supports it. If all prerequisites is met, it's simple to enable and manage :)
    http://msdn.microsoft.com/library/azure/dn469078.aspx (Prerequisites and support)
    http://azure.microsoft.com/en-us/documentation/articles/hyper-v-recovery-manager-configure-vault/
    You can replicate between two clouds on the same on-site VMM server. So if you place your VMM service so it will not fail if your Hyper-V host does, you should be fine :)
    Anyway, if you are fare away from the prerequisites, you might be better of by implementing the built-in Hyper-V Replica service, and the take the step to Azure Site Recovery when you have time.
    Best of luck in your project!
    /Anders Eide

  • VMWare to Azure Site Recovery pricing

    Hi all,
    We are looking into Disaster Recovery solution and I have a hard time understanding the pricing and the conditions of using Azure Site Recovery.
    We are going to have a file server running Windows Server 2012 R2 on a VMWare host.
    The files shared currently amount to 300GB of space.
    There is nothing else critical running on this server.
    I understand that there is a cost of 52.44 CHF/month/instance (http://azure.microsoft.com/en-us/pricing/details/site-recovery/).
    How can I calculate the cost in the case I need to use the Azure Site Recovery to run my server? What are the elements that I am going to pay for once the machine is running in Azure?
    Thank you very much.

    You dont need to use the Migration accelerator to protect to Azure. You can use ASR itself.
    The documentation has now been updated.
    Kindly also look at these blogs
    http://blogs.technet.com/b/in_the_cloud/archive/2015/03/27/announcing-azure-site-recovery-disaster-recovery-for-vmware-vms-physical-servers-amp-more.aspx
    http://azure.microsoft.com/blog/2015/03/26/announcing-the-preview-of-disaster-recovery-for-vmwarephysical-servers-to-microsoft-azure-with-asr/
    thank you,
    ruturaj

  • Azure Site to Site VPN with Cisco ASA 5505

    I have got Cisco ASA 5505 device (version 9.0(2)). And i cannot connect S2S with azure (azure network alway in "connecting" state). In my cisco log:
    IP = 104.40.182.93, Keep-alives configured on but peer does not support keep-alives (type = None)
    Group = 104.40.182.93, IP = 104.40.182.93, QM FSM error (P2 struct &0xcaaa2a38, mess id 0x1)!
    Group = 104.40.182.93, IP = 104.40.182.93, Removing peer from correlator table failed, no match!
    Group = 104.40.182.93, IP = 104.40.182.93,Overriding Initiator's IPSec rekeying duration from 102400000 to 4608000 Kbs
    Group = 104.40.182.93, IP = 104.40.182.93, PHASE 1 COMPLETED
    I have done all cisco s2s congiguration over standard wizard cos seems your script for 8.x version of asa only?
    (Does azure support 9.x version of asa?)
    How can i fix it?

    Hi,
    As of now, we do not have any scripts for Cisco ASA 9x series.
    Thank you for your interest in Windows Azure. The Dynamic routing is not supported for the Cisco ASA family of devices.
    Unfortunately, a dynamic routing VPN gateway is required for Multi-Site VPN, VNet to VNet, and Point-to-Site.
    However, you should be able to setup a site-to-site VPN with Cisco ASA 5505 series security appliance as
    demonstrated in this blog:
    Step-By-Step: Create a Site-to-Site VPN between your network and Azure
    http://blogs.technet.com/b/canitpro/archive/2013/10/09/step-by-step-create-a-site-to-site-vpn-between-your-network-and-azure.aspx
    You can refer to this article for Cisco ASA templates for Static routing:
    http://msdn.microsoft.com/en-us/library/azure/dn133793.aspx
    Did you download the VPN configuration file from the dashboard and copy the content of the configuration
    file to the Command Line Interface of the Cisco ASDM application? It seems that there is no specified IP address in the access list part and maybe that is why the states message appeared.
    According to the
    Cisco ASA template, it should be similar to this:
    access-list <RP_AccessList>
    extended permit ip object-group
    <RP_OnPremiseNetwork> object-group <RP_AzureNetwork>
    nat (inside,outside) source static <RP_OnPremiseNetwork>
    <RP_OnPremiseNetwork> destination static <RP_AzureNetwork>
    <RP_AzureNetwork>
    Based on my experience, to establish
    IPSEC tunnel, you need to allow the ESP protocol and UDP Port 500. Please make sure that the
    VPN device cannot be located behind a NAT. Besides, since Cisco ASA templates are not
    compatible for dynamic routing, please make sure that you chose the static routing.
    Since you configure the VPN device yourself, it's important that you would be familiar with the device and its configuration settings.
    Hope this helps you.
    Girish Prajwal

Maybe you are looking for

  • Nav Attribute Calculation in Query with replacement path variable

    Gurus, Can we use attribute of a charecteristic in calculation based  on the sap how to below. https://www.sdn.sap.com/irj/scn/index?rid=/library/uuid/72f4a790-0201-0010-5b89-a42a32223ffc&overridelayout=true Basically above document uses attribute wh

  • I cannot get Address book to work at all. I keep saving addresses under the "Message" menu but they don't appear.

    I can't get "AddressBook" to work at all. I opens and shows the same three addresses saved ages ago. I click on the "Messages" menu drop down and try to save the current address of an e-mail but nothing happens. Very frustrating. Any tips?? Thanks, P

  • Problem- Set TransferHandler for JList

    Hi all, In the attached code, I set transfer handler to a Jlist. But when I click and drag it, the string given in println is not printed. This is the initial step which I did for set transfer handler to jlist and I believe it should get printed. Ple

  • Do I need AirPort?

    I'd like to resist buying yet more Apple Gear if possible, although fantastic and pretty much the best solution to everything about computers, because they're expensive. So I have pretty much ascertained that my PS3 isn't going to successfully stream

  • Create new condition for SO

    Dear Experts, Kindly assist me how to create conditiaon type for just 4 sales order type out off 10 sales order type. Exp: We have ZZ01 till ZZ10 - SO type ZZ01-ZZ04 - wanted to add aditional condition, that is admin fee during SO creation. Means I n