Recently I obtained a new server, which is to be used as a new test virtualization server for me and a few of my co-workers. Since we had one more server left over from the previous demo lab deployments, I decided to use SCVMM 2008 R2 and Self Service Portal 2.0 to create a small private cloud for internal use.
We have our company domain, but I did not want to install SCVMM into it, so I created a new domain, demo.local, and added all required machines into it. As you can see in the diagram, I have established a one-way trust with the company domain to use user accounts that are already there. The idea was to publish all virtual machines in the SSP and, with the right permissions, make them available to their respective owners, wherever they may be, internally connected to the domain or externally connected over VPN.
Also, all of the users are empowered to create their own virtual machines through the portal. After all was installed and set up, I started testing the implementation. All was working fine, and I was able to connect to virtual machines through SSP and through its “connect to” feature. The RDP feature was not yet working, since the virtual machines were not recorded in DNS. But I could live with that for the time being.
And then, all of a sudden, I started getting weird Windows Security popups, informing me that my SCVMM server is not trusted and that I cannot use default login credentials to access it. Bear in mind that I was accessing it all the time via a VPN connection from a laptop that is a member of my company domain. After I entered valid credentials, I was informed that the certificate presented by SCVMM was not valid and that I cannot connect to its virtual machines.
I checked and re-checked everything, and still could not find what the problem was. I checked the certificate, the time settings between the DC and SCVMM, permissions, VMM configuration and even tried to reinstall the portal. But no luck.
The weirdest thing is that it all worked as expected in the beginning and stopped after an hour or so. I will have to look some more into it. Maybe tomorrow.