How to debug TFS Lab Management Network Isolation?

Question

How do I debug the TFS Lab Management Network Isolation process? Currently network isolation goes into a Configuring... state, and never actually completes. There are informational messages in the additional information, but other environments I have complete with these informational messages.

What is the steps the environment is going through when configuring Network Isolation and where can I look to find out why the network isolation stays in the configuring state.

Answer 1

The following was how my environment was structured:

Network Isolated, AD domain with multiple other servers including TMG.

First thing to ensure was that the network connections were being treated as a Public Location, and therefore the first fix was to ensure that they were treated as Private Networks.

       1. Opened Secpol.msc on each of the VM's
       2. Choose Network List Manager Policies
       3. Change Unidentified Networks to Location Type Private
       4. Change Identifying Networks to Location Type Private

Then when I created the environment, I neglected to remove the machines from the domain and add them to Workgroup before storing it in the library. Then whenever deploying the environment from the library, the environment exhibited the behaviour above, i.e. it never achieved network isolation.

To resolve, remove all servers from the domain, add them to Workgroup, store the environment into the library and then deploy a new environment from the library.

Wait for network isolation to be achieved, and then add each of the servers back into the domain one by one. The key here is patience and to wait for network isolation to be achieved, before moving onto the next server.

If network isolation is not achieved after 20 minutes, shut down the environment. Wait 10 minutes and then start it up again. By this time, it should resolve itself.