This is probably better documented else where, but this is documentation for myself with a preamble rant.
To prevent this issue, disable the machine password change in the registry. Here is a rough powershell script to run on your test lab VM's. This will be added to a configure VM master script that will do multiple functions, but I'm starting here because you have to start somewhere.
Disables machine password changes for virtual machines
This script disables machine password changes for Windows 7 Guest VMs
allowing the restoration of older snapshots without losing domain trust.
Note : Elevated permissions are required to execute this script.
Cross-domain scenarios are supported by this script.
Name : Set-DisablePasswordChange.ps1
$result = Get-ItemProperty 'HKLM:\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters' -Name DisablePasswordChange -ErrorAction SilentlyContinue
if ($result.DisablePasswordChange -eq 0)
$result = Set-ItemProperty 'HKLM:\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters' -Name DisablePasswordChange -Value 1 -PassThru
Write-Host "Successfully Disabled Machine Password Change"
elseif ($result.DisablePasswordChange -eq 1)
Write-Host "Machine Password Change is already Disabled"