Leggere in inglese

Condividi tramite

Fixing Hyper-V Virtual Machines sticking at 6% starting

  • Articolo

A while ago I noticed that when I started virtual machines on Hyper-V on my laptop – they were taking just over a minute to start.  Looking at the Hyper-V management console showed that for most of this time the virtual machine was sitting at “Starting (6%)” under the status column.

After a bit of investigation I discovered that this was the result of a known issue.  When this happens the cause is usually because there is a problem with Hyper-V finding a valid certificate.  To give a bit more context:

When you start a virtual machines, we start a Remote Desktop listener that will allow you to connect to the virtual machine and view the display of the virtual machine.  In order to do this in a secure fashion – we check certificate store on your computer to find the best available certificate to secure the Remote Desktop connection with.

The problem happens when you have certificates in your certificate store that we are unable to validate.

In my case my laptop had certificates on it that could only be validated when I was connected to the Microsoft corporate networks.  When I was at home it was not possible to validate them.

Luckily – there is a relatively simple fix.  One of our developers, Stefan Wernli, has posted a PowerShell script that will identify a valid certificate and configure Hyper-V to always use that certificate – instead of searching for the best certificate each time you start a virtual machine.

You can grab the script from here: https://gallery.technet.microsoft.com/ScriptCenter/en-us/5b4a7114-218b-466c-a9c1-7eb2f725e707

Cheers,
Ben

Comments

  • Anonymous
    March 17, 2010
    Thanks. Is the problem due to checking for certification revocation (CRL) and time-outs? Totally unrelated, but dude what happened with your hair?

  • Anonymous
    March 17, 2010
    Could this problem exist and be solved with that script in Windows Virtual PC?

  • Anonymous
    March 17, 2010
    I've run into a similar problem with RDP on non-virtualized hosts, as well.  There seem to be some edge conditions that can cause the RDP certificate not to be generated properly during first run.  As you might imagine, this causes problems with RDP later on. Never could find out how to regenerate an RDP cert (or import a cert file as an RDP cert in MMC Certificate snap-in).  Searched and searched and searched -- no blog posts, no forum postings.  Ended up rebuilding the machine from bare metal, and the problem went away. It's nice that there's a workaround for Hyper-V.  But ideally, what should happen is that Remote Desktop should handle the certificate situation better -- and then Hyper-V can hand off the certificate selection job to RDP.

  • Anonymous
    March 31, 2010
    Yep the guy looks like prison escapee now. Why?

  • Anonymous
    April 03, 2010
    Wow. I can't thank you enough. I've been fighting this problem on at least a dozen different servers with Hyper-V, both 2008 and 2008 R2. I can't begin to express how frustrating it has been. I've reinstalled Windows on some of those hosts 3 or 4 times in an attempt to fix this very issue. For the record, the percentage for this issue is different between 2008 and 2008 R2--in 2k8, it was a hang at 30%, while it's 6% in R2. This script seems to fix both.

  • Anonymous
    November 24, 2010
    The comment has been removed

  • Anonymous
    December 01, 2010
    Thanks a million! I've been having this issue with 20 guests on a hyper-v cluster, and in addition to this problem Live Migration would hang at 5% for a few minutes before finally failing. I've been working with MS Support for 3 weeks trying to resolve this and haven't been getting anywhere. Running this script solved it for me right away.

  • Anonymous
    April 22, 2013
    Even a few years later this is still extremely handy to have. Fixed an issue I was seeing, thanks so much!

  • Anonymous
    December 15, 2014
    doesn't work for 2012 R2. I just get Error: Local machine certificate not found.

  • Anonymous
    January 20, 2015
    I just get errors when I run the script? -- At C:tempcertfix.ps1:18 char:96

  • ... Virtualization' `
  •                    ~ Missing closing ')' in expression. At C:tempcertfix.ps1:19 char:9
  •         -name AuthCertificateHash -value ([byte[]]$hexstrarray)
  •         ~~~~~ Unexpected token '-name' in expression or statement. At C:tempcertfix.ps1:19 char:15
  •         -name AuthCertificateHash -value ([byte[]]$hexstrarray)
  •               ~~~~~~~~~~~~~~~~~~~ Unexpected token 'AuthCertificateHash' in expression or statement At C:tempcertfix.ps1:17 char:6
  • }else{
  •      ~ Missing closing '}' in statement block. At C:tempcertfix.ps1:19 char:64
  •         -name AuthCertificateHash -value ([byte[]]$hexstrarray)

Unexpected token ')' in expression or statement. At C:tempcertfix.ps1:20 char:1

  • }
  • ~ Unexpected token '}' in expression or statement.    + CategoryInfo          : ParserError: (:) [], ParseException    + FullyQualifiedErrorId : MissingEndParenthesisInExpression

  • Anonymous
    March 12, 2015
    I see that this is an old post, but recently encountered the a very simular problem. Just want to share my experience. I installed a fresh 2012 R2 VM on Hyper-V 2012 R2. VHDX (version 2), Secure Boot enabled and UEFI. Ended up installing three times before I fixed it. My problem was that my VM got stuck at "updating your system (6%)" after installing Windows Updates. I guess people having the same problem as I did will stumble upon this article. The script didn't fix the problem for me. But that is likely, because this article is actually about an older Hyper-V version. But it seems that lately people that seem to experience the same problem as I did, commented in this post. In my case the problem was update KB3000850: support.microsoft.com/.../en-gb. Read the Known Issues section in this KB. The advice is to install KB2975061 before you install KB3000850. This is how I fixed it: First installed all available Windows Updates EXCEPT KB3000850, but including KB2975061: support.microsoft.com/.../2975061. After completing installation of all Windows Updates, installed KB30000850 again. Problem solved!! Hope this helps....

  • Anonymous
    July 14, 2015
    Well, the problem seems to be the KB30000850, but what we need to do to fix the servers which are stuck on the boot process ? I read something related to delete the pending.xml file on C:windowsWinSxS. That fixed the problem related with the updating system process, but my VM hangs on the boot continuously yet.

  • Anonymous
    January 12, 2016
    Server is not booting.. how I can run this script if server is not booting?