We had a fully functional VMM 2012 system running prior to OS and VMM upgrades, i'll give some background to how it looked when it was working.
Server 1: SCVMM Server, Host & Library: Server 2008 R2 & SCVMM 2012
Server 2: Host & Library only: Server 2008 R2
Server 3: VMM Database location: Server 2008 R2
Server 4: Host running 2008R2 (This was not upgraded)
All three of these servers are located within our SYSENG domain, VMM console users logged in using there company domain credentials (We had a one-way trust between the two domains.)
We upgraded all 3 above servers to Server 2012 R2, I uninstalled VMM2012 and retained the database, installed VMM2012 R2, it upgraded the database. I was able to login with the service account and everything looked the same. The library shares were still connected but I had to remove the hosts because they were showing as "Pending..." and still showing the old OS. I re added the 2 hosts and they showed the correct OS now and all the VM's began populating, except all of the owners on them changed to the service account instead of showing the correct names. Server 4 (That was not upgraded had no issues, just needed the agent updated and its VM's still retained previous owner data)
When logging into the console with a company domain it logs in asked me what role I wanted (in this case Administrator) it lets me modify setting add/remove users and really lets me do anything except deploy VMs. Once I am on the Configure Hardware screen and hit next to go to the Configure Operating system screen it hangs for roughly 30 seconds and then gives me the error:
Error (26726) Either the specified user role or the specified user (COMPANYDOMAIN\<username>) is not valid. User is not a member of the role.
This only happens if the user is in the company domain, if I make a user within theSYSENG domain all is well.I've read through a ton of KB articles and tried just about everything, it was working with a one-way trust before, did something change from VMM2012 to 2012R2? I took a log of my recreating the issue but there is a ton of data. But I can see things like:
UserOrGroup.cs,492,Could not authenticate user: COMPANYDOMAIN\<my username> at this time,{00000000-0000-0000-0000-000000000000}
UserOrGroup.cs,502,User COMPANYDOMAIN\<my username> is either not in cache or rights has expired. Access Rights is False, for RoleSYSENG\CSPROD$
UserOrGroup.cs,536,This is user COMPANYDOMAIN\<my username> is not a group, isrolefor should have worked,{00000000-0000-0000-0000-000000000000}
UserOrGroup.cs,483,Exception Code 5 Details System.ComponentModel.Win32Exception (0x80004005): Access is denied at Microsoft.VirtualManager.Remoting.UserOrGroup.CreateAuthzClientContext(UserOrGroup user, IntPtr resourceManager) at Microsoft.VirtualManager.Remoting.UserOrGroup.AuthzAccessCheck(UserOrGroup role, UserOrGroup user) at Microsoft.VirtualManager.Remoting.UserOrGroup.IsRoleFor(UserOrGroup user),{00000000-0000-0000-0000-000000000000}
UserOrGroup.cs,483,Exception Code 1332 Details System.ComponentModel.Win32Exception (0x80004005): No mapping between account names and security IDs was done at Microsoft.VirtualManager.Certificates.CertificateHelper.GetEffectiveRightsFromAclManaged(String sid, Byte[] accessCheckAcl) at Microsoft.VirtualManager.Remoting.UserOrGroup.IsRoleFor(UserOrGroup user),{00000000-0000-0000-0000-000000000000}
Pretty much all of these errors repeast themselves over and over until it fails to the error 26726
My apologies if this is a mess, but I am at a total a loss.