Solved

Active Directory on Virtual Machines

Posted on 2010-11-30
7
601 Views
Last Modified: 2012-05-10
We are considering installing Active Directory as a Guest on a virtual machine.

Is there any reason we should not do this?
0
Comment
Question by:Tony_Rhoades
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
7 Comments
 
LVL 27

Accepted Solution

by:
KenMcF earned 100 total points
ID: 34241628
Read throught this artilce there are a few things you should not do.
Snaps shots and having the DC get its time from the hosts are two big ones.

http://support.microsoft.com/kb/888794
0
 
LVL 57

Assisted Solution

by:Mike Kline
Mike Kline earned 100 total points
ID: 34241636
We run most of our DCs on VMWare (Hyper V is good too).  I'm all for virtualizing DCs and it is supported.  There was a recent thread about this that I was a part of

http://www.experts-exchange.com/Software/VMWare/Q_26571188.html

I don't feel like typing all that again so take a look at that thread and the links (the MS team had some blog entries that I also included)

Thanks

Mike
0
 
LVL 40

Assisted Solution

by:coolsport00
coolsport00 earned 100 total points
ID: 34241638
There have been many posts on this. Simple answer...no, no problems with doing so. Things to consider? Yes. See a recent previous EE post on the topic:
http://www.experts-exchange.com/Software/VMWare/Q_26571188.html?sfQueryTermInfo=1+10+30+activ+directori+virtual

http://www.experts-exchange.com/Software/VMWare/Q_26621071.html?sfQueryTermInfo=1+10+30+activ+directori+virtual

Regards,
~coolsport00
0
Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 
LVL 96

Assisted Solution

by:Lee W, MVP
Lee W, MVP earned 100 total points
ID: 34241639
Not disagreeing with KenMcF, but my perspective - don't do snapshots and don't make it your ONLY DC (that is, keep at least ONE physical DC).  Also, disable time sync between the VM and the host server.  (AD should keep itself up to date with an NTP server and syncing between guest and host on a DC can create problems).
0
 
LVL 57

Expert Comment

by:Mike Kline
ID: 34241702
In our case we will be going to all virtual DCs but we have 16 hosts and a reliable SAN....and a separate data center with the same setup thousands of miles away so we are not putting all our eggs in one basket but generally I'd agree keep a physical DC if you don't have that sort of redundancy.

Thanks

Mike
0
 
LVL 23

Assisted Solution

by:Luciano Patrão
Luciano Patrão earned 100 total points
ID: 34242188
Hi

Like the rest of the EE inform, there is no problem. But i also agree that if you have a spar(even a old desktop/server) create a physical DC at least as a GC. If you have a good VMs backup(like Veeam) then you can restore quickly a DC, but if not, create a spare DC for any inconvenient with your VMware environment.

There is some documentation about this, read it.

http://www.vmware.com/resources/techresources/10029
http://www.vmworld.com/docs/DOC-2290
http://www.dabcc.com/article.aspx?id=13056

Jail
0
 

Author Closing Comment

by:Tony_Rhoades
ID: 34274422
Thank you to everyone who provided input on this one.  I am new to AD and all the input was very helpful
0

Featured Post

Office 365 Training for IT Pros

Learn how to provision Office 365 tenants, synchronize your on-premise Active Directory, and implement Single Sign-On.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Esxi host disconnected in Vcenter 26 119
Application of a group policy 11 64
DNS logs 1 20
List all groups and nested groups in AD with powershell 4 23
This article explains the steps required to use the default Photos screensaver to display branding/corporate images
Auditing domain password hashes is a commonly overlooked but critical requirement to ensuring secure passwords practices are followed. Methods exist to extract hashes directly for a live domain however this article describes a process to extract u…
This video shows you how easy it is to boot from ISO images for virtual machines with the ISO images stored on a local datastore on the ESXi host.
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

738 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question