There are a few rules that you should always follow...

  • Do not add hosts using own user credentials.
  • Do not use VMM service account to add hosts.

Create account in Active Directory to manage hosts

  • New identity in Domain Users group.
      • scvmmrunashosts
  • Add the account manually to the Local Administrators group on the hosts or do it automatically using Group Policy.

Add the new account to the hosts using Group Policy

  • Create group in the Active Directory and add new account as the member.
      • scvmmrunashostsgroup
  • Create a new Group Policy Object (GPO).
  • Recommended - Preferences
    • Computer Configuration\Preferences\Control Panel Settings\Local Users and Groups - New - Local Group
    • Select Administrators (built-in) and identity in Active Directory.
  • Old way - Restricted Groups
    • Computer Configuration\Policies\Windows Settings\Security Settings\Restricted Groups - Add Group...
    • Set the new group as Member Of Local Administrators
      • Administrators
  • And after gpupdate you can check the results on your Hyper-V hosts.

Create new Run As account in the VMM

  • Create Run As Account
  • Set name for the Run As account and add domain credentials of the created identity.
      • Hosts Administrator
      • AD\scvmmrunashosts
« Previous Next »

Part of the series

  1. Building Microsoft System Center Cloud - Outline