Error connecting to Hyper-V in a non-trusted domain

If you have Hyper-V host that are not part domain like in your DMZ or the computer client that needs to manage the hyper-v host is not part of the same domain; you may encounter this error.

error.jpg

This is a very annoying error and if you follow the instructions it would tell you how to fix it. In many cases you need to change the local group policy on the client machine not the Hyper-V host.

delegation.jpg

If you go to the path you  need to enable “Allow delegation fresh Credentials with NTLM-only server authentication”

When you double click on the policy you will get the following window

delegation4

Make sure you enable the policy and add the Hyper-V host.

Now this is where a lot of people make a mistake

DO NOT DO THIS

delegation3

Remember Hyper-V Manager connects over the WSMAN comtrol channel plus. You may need other protocols please reference the following Technet document

https://technet.microsoft.com/en-us/library/gg710871.aspx

 

delegation5

After you make this small change you can connect to the Hyper-V host with the Hyper-V management on your client

delegation8.jpg

 

 

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s