Hi,
I have two 2012 R2 Hyper-V clusters which have had a replica broker configured and replica enabled on one VM which worked fine over http. It was then required to change the replica broker name, so the broker from each cluster was removed and a new one created in each cluster with the new name and with the old IP addresses.
Now when we attempt to enable replica on one of the VMs we recieve the error below.
Enabling replication failed.
Hyper-V failed to enable replication.
Hyper-V failed to authenticate using Kerberos authentication.
Hyper-V failed to enable replication for virtual machine 'servername': The target principal name is incorrect. (0x80090322).(Virtual machine ID 4C8EADE0-82DC-4F25-8B95-5BE04A4A20F1)
Hyper-V failed to authenticate the Replica server servername.domain.com using Kerberos authentication. Error: The target principle name is incorrect. (0x80090322)
I have looked at the SPN for each of the hyper-v nodes involved and the broker accounts and all of them seem to have the correct SPNs including
Hyper-V Replica Service/servername
Hyper-V Replica Service/servername.mydomain.com
Microsoft Virtual Console Service/servername
Microsoft Virtual Console Service/servername.mydomain.com
Microsoft Virtual System Migration Service/servername
Microsoft Virtual System Migration Service/servername.mydomain.com
I have also check DNS for duplicate entry's and check the account delegation for the hyper-v hosts and the destination hosts have the source host with cifs, http, hyper-v replica service, Microsoft virtual console service and Microsoft Virtual System Migration Services which is more than I think they need. This is not however configured on
the broker accounts.
Domain functional level is only 2003 because there are a couple of old DC's as well as 2012 but it was working before so not sure that is a problem. Any help would greatly be appreciated this is driving me mad!
Kind Regards Michael