主页 / server / 问题 / 779738
Accepted
InteXX
Asked: 2016-05-30 18:41:19 +0800 CST

移动 VMStorage 失败并出现错误 0x80070005

  • 772

我在 Hyper-V 主机 SERVER2 上发出此命令:

Clear; Get-VM | ForEach { 
  Write-Host "Migrating: "$_.Name;
  Move-VMStorage `
    -VM $_ `
    -DestinationStoragePath "\\SERVER1\D$";
}

两台服务器均已加入域,非集群。

这是我得到的结果:

Move-VMStorage:虚拟机“ADMIN”(4F452569-7DB9-4606-9371-A905267A7B0F)的存储迁移失败,出现错误“常规访问被拒绝错误”(0x80070005)。迁移没有成功。无法启动 VHD 文件“D:\Virtual Hard Disks\ADMIN.vhdx”到“\SERVER1\D$\Virtual Hard Disks\ADMIN.vhdx”的镜像操作:“常规访问被拒绝错误”(“0x80070005”)。您无权执行该操作。如果您认为您应该有权执行此操作,请联系您的管理员。

ACL 已正确配置:

PS C:\Users\domain.admin> Get-Acl 'D:\Virtual Hard Disks' | FL


Path   : Microsoft.PowerShell.Core\FileSystem::D:\Virtual Hard Disks
Owner  : BUILTIN\Administrators
Group  : DOMAIN\Domain Users
Access : CREATOR OWNER Allow  268435456
         NT AUTHORITY\SYSTEM Allow  FullControl
         BUILTIN\Administrators Allow  FullControl
         BUILTIN\Users Allow  CreateFiles, AppendData
         BUILTIN\Users Allow  ReadAndExecute, Synchronize
         NT VIRTUAL MACHINE\Virtual Machines Allow  CreateFiles, AppendData, Read, Synchronize
         DOMAIN\SERVER2$ Allow  -2147483642
         DOMAIN\SERVER2$ Allow  CreateFiles, AppendData, Read, Synchronize
Audit  :
Sddl   : O:BAG:DUD:AI(A;OICIIO;GA;;;CO)(A;OICI;FA;;;SY)(A;OICI;FA;;;BA)(A;CI;DCLC;;;BU)(A;OICI;0x1200a9;;;BU)(A;OICI;0x
         12008f;;;S-1-5-83-0)(A;CIIO;DCLCGR;;;S-1-5-21-369066176-630964511-2072824237-1119)(A;;0x12008f;;;S-1-5-21-3690
         66176-630964511-2072824237-1119)

和:

C:\Users\domain.admin>net localgroup Administrators
Alias name     Administrators
Comment        Administrators have complete and unrestricted access to the compu
ter/domain

Members

-------------------------------------------------------------------------------
Administrator
DOMAIN\Domain Admins
The command completed successfully.

C:\Users\domain.admin>net group "Domain Admins"  <==(on the PDC)
Group name     Domain Admins
Comment        Designated administrators of the domain

Members

-------------------------------------------------------------------------------
Administrator            domain.admin
The command completed successfully.

C:\Users\domain.admin>whoami
DOMAIN\domain.admin

我已将 Kerberos 委托给此处讨论。在任何可用网络下的 Kerberos 上,两台机器上都启用了传入和传出迁移。两个防火墙都关闭了。

我已经联系了我的管理员,我也不知道出了什么问题。

接下来看哪里?

live-migration hyper-v-server-2012-r2

1 个回答

  1. Best Answer

    问题是我没有将源和目标机器添加到目标共享的权限:

    # Create folder
MD X:\VMS

# Create file share
New-SmbShare -Name VMS1 -Path X:\VMS -FullAccess Domain\HVAdmin, Domain\HV1$, Domain\HV2$, Domain\HVC$

# Set NTFS permissions from the file share permissions
Set-SmbPathAcl VMS1

    这记录在这里:

    https://technet.microsoft.com/en-us/library/jj134187(v=ws.11).aspx#BKMK_Step3

    一旦我添加了它们,迁移就顺利通过了。

    • 0

相关问题