IT Core Blog

Never stop questioning. Curiosity has its own reason for existing…

SCVMM Error: The server encountered an error while creating “Name of the VM”

leave a comment »

Robert Vierthaler that works at Microsoft as an Escalation Engineer posted about an interesting error that you might run into.
The Details:

On a Hyper-V Server, existing VMs where running just fine, however, we could not create new VMs. The error at the final stage of the Wizard was:
The server encountered an error while creating “Name of the VM”
The operation failed
Failed to create external configuration store at
: A required privilege is not held by the client. (Virtual machine ID 0x80070522)

As it turned out, the Virtual Machine Management Server was not able to create a symbolic link for the machine at “%systemdrive%\programdata\Microsoft\Windows\Hyper-V\Virtual Machines”

By default the local User Right “Create Symbolic links” is assigned to the Adminstrators group. Once you install Hyper-V a extension is installed on this machine that allows Service SIDs to be used and the Service SID “Virtual Machines” is allowed to “Create Symbolic links”

Now, you might have the requirement to configure the User Right “Create Symbolic links” with a Domain GPO. Once configured it replaces the local assignment, and for Hyper-V Hosts you’d need to add the “Virtual Machines” Service SID. The Domain Controller is most likely not a Hyper-V Host, and does not have the necessary Hyper-V extension. Also the GPO Admin tools will not allow you to browse the Service SID namespace. Simply adding the string “Virtual Machines” does not help either as it needs to have the Hyper-V Service SID Prefix “NT VIRTUAL MACHINES”.

To get the necessary Service SID added, you need to edit the GptTmpl.inf that is associated with the GPO on the Sysvol directly. [You need to locate the correct GptTmp.inf by the GPO’s Unique ID]

Example with Administrators and added “Virtual Machines”
[Privilege Rights]
SeCreateSymbolicLinkPrivilege = *S-1-5-32-544, NT Virtual Machine\Virtual Machines

Written by IT Core

June 8, 2010 at 10:07 PM

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: