I have two forests with a two way trust between them. VMM 2012 sits in ForestA and I can discover hosts in ForestA with no issue. When I try to discover hosts in ForestB I hit one of two issues:
If I go through the GUI or use Powershell just like I normally do I get the following error on the job:
Error (10407)
Virtual Machine Manager could not query Active Directory Domain Services.
Recommended Action
Verify that the domain name and the credentials, if provided, are correct and then try the operation again.
It doesn't matter which account I use. I've tried accounts from both forests, with Admin/Domain Admin permissions all over the place, etc
Going through the GUI (can't find the switch in Powershell to duplicate this), I check the box "Skip AD Verification" and it causes the GUI to crash during discovery.
I found an article (http://technet.microsoft.com/en-us/library/gg610641.aspx) that describes how to add a host in a disjoint namespace (even though that doesn't apply to me) and it says that VMM creates an SPN if one does not exist. So I verified that the correct SPN's exist in ForestB, that did not help the issue.
I have a case open with PSS but they are stuck. I have VMM traces if anyone would like to see them.
Any suggestions or ideas?
