[2 days left] What’s wrong with your cloud strategy? Learn why multicloud solutions matter with Nimble Storage.Register Now

x
?
Solved

Vmware and Domain controllers, and exchange

Posted on 2010-09-22
10
Medium Priority
?
834 Views
Last Modified: 2012-08-13
What are best practices for running Exchange 2007 and/or Windows 2008 Domain controller in a virtual (vmware environment)
What are recommended guest Os settings \ Tweaks.

Thanks
0
Comment
Question by:bntech
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 6
  • 4
10 Comments
 
LVL 40

Accepted Solution

by:
coolsport00 earned 2000 total points
ID: 33735553
No issues with Exchange (I run it virtual). Just follow the sys req's for an Exchg box (resources - memory, CPU, etc.) and you'll be fine.

Here are best practices, etc. for virtualizing AD from MS, VMware, and others:
http://support.microsoft.com/kb/888794
http://www.activedir.org/ListArchives/tabid/55/forumid/1/tpage/1/view/topic/postid/38204/Default.aspx
http://blogs.msdn.com/b/virtual_pc_guy/archive/2008/11/24/the-domain-controller-dilemma.aspx
http://kb.vmware.com/kb/1006996
DC Recovery:
http://technet.microsoft.com/en-us/library/cc772519(WS.10).aspx

And here's a good EE thread from a few months ago on AD virtualization:
http://www.experts-exchange.com/Software/VMWare/Q_25739129.html?sfQueryTermInfo=1+10+30+control+domain

It also discusses time sync, which is of utmost importance to consider as well.

Hope that helps.

Regards,
~coolsport00
0
 
LVL 40

Expert Comment

by:coolsport00
ID: 33735570
Oh, and here's 1 more good article on virtualizing AD:
http://www.petri.co.il/domain-controller-virtualization-options.htm

:)
~coolsport00
0
 
LVL 1

Author Comment

by:bntech
ID: 33735932
In recap I should do as follows:
•have one physical DC -- I cant do this, as all dcs are virtualized (however spread across multiple host)
•Disable time synchronization for the domain controllers. (Is this unchecking the time sync box in vmware tools) we use vmware
•Balance FSMO roles -- what is best practice on spliting
•configure startup/shutdown on guest Oses for dcs
•Dont use snapshots

So no known registry or system setting tweaks?
What is recommended for write cache and disabling, i read it in one of the articles, but didnt follow it
Any other tweaks or best practices in general for any kind of dc. I want it to be fast, reliable, and stable
0
NFR key for Veeam Agent for Linux

Veeam is happy to provide a free NFR license for one year.  It allows for the non‑production use and valid for five workstations and two servers. Veeam Agent for Linux is a simple backup tool for your Linux installations, both on‑premises and in the public cloud.

 
LVL 40

Expert Comment

by:coolsport00
ID: 33736007
1. Actually, no...you don't need 1 phys (I don't). VMware recommends it, but I think it's not needed.
2. For time sync -> configure an ATS in your domain...in this case it would be your sole DC. Then, configure your ESX/i host to see your ATS to get its time. Actually, you'll need to verify that time sync with ESX/i host is UNCHECKED in VMware Tools within your VMs (I believe it is by default). All clients and servers will 'see' your domain ATS as its time server (see this MS KB: http://support.microsoft.com/kb/816042)
3. Balancing FSMO roles requires you to have > 1 DC. If you don't have that, then you can't. This MS KB explains best placement: http://support.microsoft.com/kb/223346

The only registry tweak would be for your ATS, if W2K8 is similar to configure for ATS as it is in W2K3 (not implemented W2K8 yet).

Hope that helps.

Regards,
~coolsport00
0
 
LVL 1

Author Comment

by:bntech
ID: 33736061
sorry for my ignorance but what is ATS and how do you configure ATS on both ESX and Domain
0
 
LVL 40

Expert Comment

by:coolsport00
ID: 33736116
No worries...I apologize for not clarifying...it means "authoritative time server". I provided the link in how to configure for your domain above. For ESX, you configure under Configuration tab -> Time Configuration, and add your time server host name or IP. It will then sync its time with your ATS.

~coolsport00
0
 
LVL 1

Author Comment

by:bntech
ID: 33736261
Yea -- I already did this, and pointed to an external time source server, us.pool.ntp.org
The thing is i also configured ESX to use the same external time source -- should esx point to the internal DC.. If the DC is down then it wont be able to sync its time
0
 
LVL 40

Expert Comment

by:coolsport00
ID: 33736275
Yeah..see, for you, it would indeed be different being that you only have 1 DC. Yes, I recommend doing that for your ESX hosts.

~coolsport00
0
 
LVL 1

Author Comment

by:bntech
ID: 33736380
i actaully have two dc's -- sorry i might of been clear and mis wrote. Both are virtual
To clarify you would make esx point to the internal dc or external time source (which)
0
 
LVL 40

Expert Comment

by:coolsport00
ID: 33736392
Oh...thought you had 1. Yes, point to the internal. If it goes down...your other DC would 'take over' time sync until you get your primary back online.

~coolsport00
0

Featured Post

 [eBook] Windows Nano Server

Download this FREE eBook and learn all you need to get started with Windows Nano Server, including deployment options, remote management
and troubleshooting tips and tricks

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Here in this article, you will get a step by step guidance on how to restore an Exchange database to a recovery database. Get a brief on Recovery Database and how it can be used to restore Exchange database in this section!
If something goes wrong with Exchange, your IT resources are in trouble.All Exchange server migration processes are not designed to be identical and though migrating email from on-premises Exchange mailbox to Cloud’s Office 365 is relatively simple…
This tutorial will walk an individual through setting the global and backup job media overwrite and protection periods in Backup Exec 2012. Log onto the Backup Exec Central Administration Server. Examine the services. If all or most of them are stop…
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…

656 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question