NLA error after updating instance type

0

Hello,

Have a domain-joined t3.2xlarge instance that I would like to upgrade to m6i.2xlarge according to the Compute Optimizer recommendation. But after modifying the instance type, I receive the NLA error. Cannot even RDP using the local Administrator account; the same NLA error displays.

This instance exists in ap-southeast-2, and I have done a few tests.

  1. Changing back to t3.2xlarge, connected using domain credentials OK
  2. Changing to m5.2xlarge, connected using domain credentials OK
  3. Added another NIC when it was on m6i.2xlarge, NLA error on the second interface.
  4. (Don't think this matters, the instance is HVM) Upgraded to the latest PV driver, changing instance type to m6i.2xlarge, NLA error.
  5. Launched an m6i.2xlarge instance in a different subnet (AZ), joined domain OK, connected using domain credentials OK; changed to t3.2xlarge, NLA error; changed back to m6i.2xlarge, connected using domain credentials OK
  6. Launched another m6i.2xlarge instance in the same subnet as the t3.2xlarge, swapped the root volume, NLA error. Swapped back the volumes, connected OK.

Has anyone encountered this fault? How can I perform the necessary upgrade?

Kind regards, Ken

Ken
asked a year ago · 411 views
1 Answer
0
Accepted Answer

Managed to isolate the cause after performing some rescuing via SSM. The issue seems to stem from the upgrade from the CPU generation leap.

I had always thought each component, Storage, Compute, and Networking are separate, but the ENI config was lost during the upgrade, so the server had trouble (i.e. did not know where the DNS server is) contacting the DCs for authentication. Without this link to the DCs, NLA will never be met.

So if you are going to upgrade to the latest generation:

  1. While on the current instance type (while you can RDP to the EC2 instance), navigate to System Properties and go to the Remote tab.
  2. Untick the NLA option and apply and save the change.
  3. Shut down the instance and change to the desired instance type.
  4. RDP to the instance using the Administrator account.
  5. Here you will see that the network interface configuration is empty, so add your DNS server IP address back in here.
  6. Confirm you have a connection to the DCs by pinging or something of the sort, then repeat step 1, but this time enable the NLA option and save.

Reboot and Voilà, you should now have access to the EC2 instance using your domain logins again.

Ken
answered a year ago
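The steps in the accepted answer, scripted as an added PowerShell example (not part of the original answer). The DNS server address and domain name are placeholders, and the script assumes the first adapter that is up is the instance's primary interface. It re-enables NLA only after the domain secure channel verifies, so NLA is not left off longer than the resize requires.

```powershell
# Added example, not from the original answer. Run from an elevated PowerShell session.
# -DnsServers and -Domain defaults are placeholders; substitute your own values.
param(
    [ValidateSet('BeforeResize', 'AfterResize')]
    [string]$Phase = 'BeforeResize',
    [string[]]$DnsServers = @('10.0.0.10'),   # placeholder: IP(s) of your DNS servers / DCs
    [string]$Domain = 'corp.example.com'      # placeholder: your AD domain name
)

$RdpKey = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp'

function Set-Nla([int]$Required) {
    # Same setting as the NLA checkbox on System Properties > Remote (1 = required, 0 = off).
    # A Group Policy that enforces NLA takes precedence over this local value.
    Set-ItemProperty -Path $RdpKey -Name UserAuthentication -Value $Required
    $current = (Get-ItemProperty -Path $RdpKey).UserAuthentication
    Write-Host "NLA UserAuthentication is now $current"
}

if ($Phase -eq 'BeforeResize') {
    # Steps 1-2: record the working DNS configuration, then turn NLA off.
    Get-DnsClientServerAddress -AddressFamily IPv4 |
        Where-Object ServerAddresses |
        Format-Table InterfaceAlias, ServerAddresses
    Set-Nla 0
    Write-Host 'Stop the instance, change the instance type, start it, then run -Phase AfterResize.'
    return
}

# Step 5: the adapter presented after the type change has no DNS servers; put them back.
$nic = Get-NetAdapter | Where-Object Status -eq 'Up' | Select-Object -First 1
Set-DnsClientServerAddress -InterfaceIndex $nic.ifIndex -ServerAddresses $DnsServers

# Step 6: confirm the DCs can be located and the machine account still authenticates.
Resolve-DnsName -Name "_ldap._tcp.dc._msdcs.$Domain" -Type SRV -ErrorAction Stop |
    Format-Table Name, NameTarget, Port

if (Test-ComputerSecureChannel) {
    Set-Nla 1
    Write-Host 'Secure channel verified and NLA re-enabled. Reboot to finish.'
} else {
    Write-Warning 'Secure channel check failed; NLA left disabled. Fix DNS/DC connectivity and rerun.'
}
```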
