VMware Cloud Community
mr_vaughn
Contributor
Contributor
‎06-22-2023 09:21 AM

VMware Converter issue with Windows V2V changes and breaking IIS and Machine Certificates

I am Happy that the VMware Converter is back. using the 6.4. 

I have an issue where a source ESXi 6.7 with a powered off Windows Server 2016 with Exchange 2016 hybrid using BIOS machine type is copied to a new ESXi 7.0.3 server. I changed the disk during copy from thick to Thin since it is used very little.  and we have less storage on the new ESXi host.

Source machine works perfectly and reboot fine no issues.

When powering on the copy on destination ESXi, IIS Admin service will not start.  It seems the machine key/id got changed and the IIS Metabase has an issue with an invalid signature. 

"The IIS Admin Service service terminated with the following service-specific error: Invalid Signature."

 

Since this is an Exchange server I cannot remove IIS Metabase and reinstall it.

I have tried all other fixes with trying to confirm and reset the Machine Cert key NTFS permissions.

I did not get a prompt on destination VM start up asking if I copied or moved it. Like this
Changing or keeping a UUID for a moved virtual machine (1541) (vmware.com)

What can do this on a VM with the Converter?

0 Kudos
9 Replies
mr_vaughn
Contributor
Contributor
‎06-30-2023 09:31 PM

More detail. tried installing Vmware converter on the Windows server and migrate the host itself using windows file level.

Same issue.

Going from thick to thin disk again , because we require the space.

I also tried copying the 3 BIOS lines on the UUID of the VM. and it failed still.

These are the windows system event logs

The IIS Admin Service service terminated with the following service-specific error:  Invalid Signature.

A fatal error occurred when attempting to access the TLS server credential private key. The error code returned from the cryptographic module is 0x8009030D. The internal error state is 10001.

An error occurred while using SSL configuration for endpoint 0.0.0.0:444. The error status code is contained within the returned data.

 

Also in the admin MMC I with addin for Certificate for the local machine try and manage the Private key and get "No keys found for certificate!"

 

I have worked for over 20 years on Windows and certificates and this is the first I have seen something like this.

 

I think on the copy from thick to thin it is loosing NTFS permission or more.

 

 

0 Kudos
hadjer1
Enthusiast
Enthusiast
‎07-02-2023 01:00 PM

Hello,

You don't have to use the converter, you can copy the VM files from the source ESXi to the destination ESXI, and then when you power it on it will ask you did you copy or move question just choose I moved it and the VM will keep same settings as the source.

0 Kudos
Jimmycee
Contributor
Contributor
‎08-16-2023 07:59 PM

Did you ever find a resolution on this one? I am having the same issue

0 Kudos
mr_vaughn
Contributor
Contributor
‎08-16-2023 08:20 PM

no fix.

I spent too much time where then just built a new server and migrated the whole thing.

Really strange that there is this issue.

Have you tried thick copy? vs. going to thin?

 

0 Kudos
mr_vaughn
Contributor
Contributor
‎08-16-2023 08:21 PM

As said before I wanted to go from thick disk to thin disk. and a straight copy would not work.

0 Kudos
Jimmycee
Contributor
Contributor
‎08-16-2023 08:25 PM

Basically I did a cold clone of an SBS 2011 server and have exactly the same issues. IIS and CA is broken on the migrated machine (Happens with cold clone or hot clone with all services off)

I was thinking it was potentially the TPM chip in the new DELL server causing this but havent been able to test this theory. 

I have done about 12 conversions of SBS without issue its just this one. (I know people would say dont do a DC etc)  Only real differences with this migration is the hardware is newer and the ESXi version is also newer 8

 

0 Kudos
Jimmycee
Contributor
Contributor
‎08-16-2023 08:25 PM

Did not change any of the hard drive configuration and they are thick disks

0 Kudos
Jimmycee
Contributor
Contributor
‎08-17-2023 07:27 PM

Confirmed Fixed - Hope this helps others with this issue. 

When converting you need to DESELECT reconfigure destination virtual machine - this preservers the machineGUID - See attachment

Once migrated the VM did not boot with error code The boot selection failed because a required device is inaccessible

This was a super easy fix

  • Put the Windows Server 2008 R2 installation disc in the disc drive, and then start the computer.
  • Press any key when the message indicating “Press any key to boot from CD or DVD …”. appears.
  • Select a language, time, currency, and a keyboard or another input method. Then click Next.
  • Click Repair your computer.
  • Click the operating system that you want to repair, and then click Next.
  • In the System Recovery Options dialog box, click Command Prompt.Type bootrec /RebuildBcd, and then press ENTER 

Once rebooted the system boots and all services running. 

 

 

Preview file
75 KB
rbadam
Contributor
Contributor
‎11-17-2023 12:48 AM

Thanks much!!. This helped us 

0 Kudos