We installed and create a template on System Center Virtual Machine Manager 2012 SP1. the hosts are Windows server 2012. When we create the machine from the template we got an error:
VMM cannot complete the host operation on the <HOST> server because of the error:The operation failed.
User ‘<VMMAdminUser>’ failed to create external configuration store at ‘c:\ClusterStorage\CSV01\guestVM': A required privilege is not held by the client (0x80070522)
Unknown error (0x8000)
resolve the host issue and then try the operation again.
While the creation of the server is taking place , the Virtual Machine Management Server was not able to create a symbolic link for the machine at “%systemdrive%\ClusterStorage\Volume1\”
By default the local User Right “Create Symbolic links” is assigned to the Adminstrators group. Once you install Hyper-V a extension is installed on this machine that allows Service SIDs to be used and the Service SID “Virtual Machines” is allowed to “Create Symbolic links”
On this client they set the User Right “Create Symbolic links” with a Domain GPO.
Once configured it replaces the local assignment, and for Hyper-V Hosts you’d need to add the “Virtual Machines” Service SID.
The Domain Controller is most likely not a Hyper-V Host, and does not have the necessary Hyper-V extension. Also the GPO Admin tools will not allow you to browse the Service SID namespace. Simply adding the string “Virtual Machines” does not help either as it needs to have the Hyper-V Service SID Prefix “NT VIRTUAL MACHINES”.
To get the necessary Service SID added, you need to edit the GptTmpl.inf that is associated with the GPO on the Sysvol directly. [You need to locate the correct GptTmp.inf by the GPO’s Unique ID]
in this example we edit the GptTmp.inf and we add the Administrators group and the “NT Virtual Machine\Virtual Machines” User.
SeCreateSymbolicLinkPrivilege = *S-1-5-32-544, NT Virtual Machine\Virtual Machines