Can windows domain name controller be virtualized?
Yes, it can be virtualized, no we really did not face any kind of troubles (VMWare ESX & VMWare Server 2), and also in my experience, it is virtually the like running the DC on a physical web server.
Microsoft has a write-up with things to consider that deserves analysis.
We've had actually virtualized DC is for several years currently. I would certainly advise making use of at the very least 2 physical hosts arrangement with ESX and also set up with DRS. Within DRS set up a regulation to stop both VM is (I'm thinking you have a PDC and also BDC) from working on the very same host. If your hosts are currently gathered with DRS made it possible for simply arrangement the DRS regulation.
You can configure your ESX hosts to make use of NTP for time updates, and also within your DC is have the vmware devices sync their time with the ESX host.
You can virtualize domain name controllers (I have a couple of for examination objectives).
Cloning : I create VMs so I can duplicate them - constantly advertise to a DC after duplicating. Sysprep (or any kind of various other devices made use of to restore SIDs) damages domain name controllers. You just intend to duplicate without running sysprep in a separated setting (as an example a laboratory supervisor fencing).
It is been a little over a month given that I change our physical DC with a digital. Application is commonly VERY reduced, and also it hasn't had a solitary concern. On an unconnected call right into MS virtualization assistance, I asked a couple of inquiry, and also they really did not have any kind of cautions or cautions to toss at me.
Yes, it can be done. The relevance for doing so is up for discussion.
- See to it time remains synced! This is really vital. A DC with wrong time can create chaos.
- Disable and also do not make use of photos. Changing to an old photo in a domain name with several DCs will certainly cause substantial disorder.
- Do not suspend/pause the domain name controller.
- See to it your VM web server does not get strained.
- I recommend you go for the very least one DC within your domain name on actual hardware, if you have a bigger network.
Could you clarify the photo disorder factor? Isn't changing to a photo mosting likely to imitate recovering from back-up, i.e. it will sync current adjustments from the various other DCs?
The active directory is not made to sustain that. As soon as an upgrade has actually been reproduced, it will certainly not be re - reproduced. Generally if you are recovering the active directory you require to experience an unique procedure. (http://technet.microsoft.com/en-us/library/cc779573.aspx). The KB article Sam Cogan, and also gharper stated especially address this factor.
Specifically, Active Directory does not sustain any kind of method that recovers a photo of the os or the quantity the os stays on. This sort of method creates an upgrade series number (USN) rollback. When a USN rollback takes place, the duplication companions of the inaccurately recovered domain name controller might have irregular things in their Active Directory data sources. In this scenario, you can not make these things regular.
We additionally do not sustain making use of "undo" and also "differencing" attributes in Virtual COMPUTER on running system photos for domain name controllers that run in digital organizing settings.
The Microsoft ADVERTISEMENT group simply uploaded a new write-up concerning how to virtualize domain controllers that includes numerous referrals.