PeterMatthews
asked on
Active Directory on Virtual Server ESX 4.0
We have two Host Vmware ESX 4.0 server and two DC's.
For fault tolerant and faster recovery i want to move both dc's to two seperate Host server.
(one of the DC is also a dhcp server)
Is it a good idea to setup active directory to virtual server environment?
did anyone had any problems?
Thanks
For fault tolerant and faster recovery i want to move both dc's to two seperate Host server.
(one of the DC is also a dhcp server)
Is it a good idea to setup active directory to virtual server environment?
did anyone had any problems?
Thanks
There was a great discussion over at activedir about this a few weeks ago, worth looking at
http://www.activedir.org/ListArchives/tabid/55/view/topic/postid/38204/forumid/1/Default.aspx
Personally we are going to soon virtualize our domain controllers at our regional sites (about 20). Our man hub/HQ site will still always have physical DCs. With the physical boxes we won't run into some of the issues mentioned in the activedir thread.
Thanks
Mike
http://www.activedir.org/ListArchives/tabid/55/view/topic/postid/38204/forumid/1/Default.aspx
Personally we are going to soon virtualize our domain controllers at our regional sites (about 20). Our man hub/HQ site will still always have physical DCs. With the physical boxes we won't run into some of the issues mentioned in the activedir thread.
Thanks
Mike
We successfully ran for several years with virtual Domain Controllers in a VMWare environment and had no adverse issues whatsover. It is a good idea to virtualise servers.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
The issue I came across was particularly bad because the storage was on iSCSI SAN which of course also relies on the DNS
it was an interesting task to get it all back up and running again!!
it was an interesting task to get it all back up and running again!!
Yes I agree with demazter. We did have a physical machine which was our backup server and this also had AD and DNS on it. It was also configured with DHCP (disabled) so that if all the virtual machines went off line we could at least get up and working with just this machine on line.
If you have two esx hosts then create a rule to run the DCs on separate hosts. It will also be a good idea to have an IP list for the case something goes terribly wrong.
This is mentioned in prevoius links provided above, but three things I'm thinking of:
1. Never ever restore a snapshot of a DC
2. Make sure disc caching is disabled on the virtual disc holding the AD database. By default caching is enabled, but DCpromo will try to disable it. On ESX 2.5 dcpromo was unable to turn disc caching off.
3. Don't let the guest sync its time with the VM host.
SG
1. Never ever restore a snapshot of a DC
2. Make sure disc caching is disabled on the virtual disc holding the AD database. By default caching is enabled, but DCpromo will try to disable it. On ESX 2.5 dcpromo was unable to turn disc caching off.
3. Don't let the guest sync its time with the VM host.
SG
ASKER
Snusgubben-
1) Once we've virtualised the DC's we will be using Vmware VCB 1.5 to backup the VM's to tape drive, i assume vcb will be taking snapshots. Are you saying should we face catastrophic failure with dc's we should not restore from the backup taken using vcb's?
If yes, could you please guide me to recovery method?
2) Please guide me on how to disable disc caching on vmware esxi 4.0?
3) how do i disable vm sync time with VM Host?
Many thanks
1) Once we've virtualised the DC's we will be using Vmware VCB 1.5 to backup the VM's to tape drive, i assume vcb will be taking snapshots. Are you saying should we face catastrophic failure with dc's we should not restore from the backup taken using vcb's?
If yes, could you please guide me to recovery method?
2) Please guide me on how to disable disc caching on vmware esxi 4.0?
3) how do i disable vm sync time with VM Host?
Many thanks
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks for the valuable link, does this link also applies to Windows 2003 Standard server as we're currently using it?
Yes.
It's just a general guidance document.
See here for further information about 2003: http://support.microsoft.com/kb/888794
And also here: http://technet.microsoft.com/en-us/library/dd363553(WS.10).aspx
It's just a general guidance document.
See here for further information about 2003: http://support.microsoft.com/kb/888794
And also here: http://technet.microsoft.com/en-us/library/dd363553(WS.10).aspx
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
It's disabled in version 4, just checked.
You cannot change it.
You cannot change it.
Incidentally, UPS protection ensure your servers ate shutdown correctly sontjis shouldn't be an issue if the UPS is configured correctly.
True with physical servers, but the ESX host might crash (HW/SW errors), but since the write cache is disable by default on ESXi then this isn't a issue :)
No the write cache is enabled by default and it cannot be changed.
If your using UPS protection (correctly configured) then the virtual servers will shut down correctly therefore this will not be an issue.
I have several virtual environments running, including 1 with 3 ESX hosts, running on an iSCSI SAN which are all configured in this way.
If your using UPS protection (correctly configured) then the virtual servers will shut down correctly therefore this will not be an issue.
I have several virtual environments running, including 1 with 3 ESX hosts, running on an iSCSI SAN which are all configured in this way.
I thought you said it was disable in http:#26170157 ?
I know on ESX 3 and 3.5 you can disabled it because the SCSI emulator do support it. UPS is one thing, but if the ESX host power off/reboots unexpectedly due to HW/SW issues then it doesn't matter if the host got UPS power. All guests will terminate.
I know on ESX 3 and 3.5 you can disabled it because the SCSI emulator do support it. UPS is one thing, but if the ESX host power off/reboots unexpectedly due to HW/SW issues then it doesn't matter if the host got UPS power. All guests will terminate.
oh I see :)
On a ESX 3.5 test environment I got I promoted a 2008 DC then radio button changed to "Optimize for quick removal" during dcpromo. The other none-DCs in the test env. got it ticked like you got.
On a ESX 3.5 test environment I got I promoted a 2008 DC then radio button changed to "Optimize for quick removal" during dcpromo. The other none-DCs in the test env. got it ticked like you got.
Good point!
That is a member server!
Don't have any 2003 DC's to check! They are all 2008 R2.
That is a member server!
Don't have any 2003 DC's to check! They are all 2008 R2.
There is no restriction but there are Considerations when hosting Active Directory domain controller in virtual hosting environments, see this: http://support.microsoft.com/kb/888794
Regards,
Faraz H. Khan