Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium


Hyper-V as FSMO server (PDC) and SBS 2011 as VM

Posted on 2011-10-19
Medium Priority
Last Modified: 2012-06-27

Just wondering is it's possible the added DC role to an Hyper-V server which contains a SBS 2011 Prem. If so, can the Hyper-V server be the FSMO (PDC)? The reason for this is that I'm thinking of a DR Scenario, where the first machine to be restored is the Hyper-V server then the VMs.

Any thoughts
Question by:Nutzo247
  • 4
  • 4
LVL 78

Expert Comment

by:Rob Williams
ID: 36992948
You cannot run Hyper-V on SBS, which appears you are aware of, but it can be a hsot for SBS.
If you have a full version of server 2008 running as the hyper-v host it can be a domain controller, though not recomended, but it cannot hold any FSMO roles in an SBS domain. They must remain on the SBS.
You also cnnot add any roles to the free version of Hyper-v that comes with the SBS premium add-on or the free command line versions. Those 2 versions are limited to being a Hyper-V host only. To add roles you need another ful version of server std, or enterprise

Author Comment

ID: 36993152
Thanks RobWill.

Yes it will be a SBS 2011 premium -addon, which includes a full version of Windows server 2008r2. But I think I need to explain abit more what I trying to do......
the SBS 2011 will be VM, on a Hyper-V server which uses SCVMM 2008r2 (workgroup) to manage the VMs. SCVMM only works is the domain fuctional level is windows 2003 and that the Hyper-V server is on the domain.
If the Hyper-V server has DC role enable and it's not FSMO, when the SBS 2011 is restored from a DR, will AD have an issue if the second DC (Hyper-V server) is restored first and then FSMO server (SBS 2011 VM)?
LVL 78

Expert Comment

by:Rob Williams
ID: 36993682
>>"Yes it will be a SBS 2011 premium -addon, which includes a full version of Windows server 2008r2."
SBS premium gives you:
Full Server 2008 R2
Server 2008 which can be used only as a hyper-V server (no other roles cam be added
If you use the full server 2008 R2 license as the host you can add roles, but most people use that as a TS or application server.

It is generally not recommended the hyper-V host be domain joined, as AD & DNS are not available when it boots up. If you made the Hyper-V a DC I suppose that would not be an issue.
To clarify another point, SBS has a few limitations; one being it must retain all FSMO roles. That does not stop you from adding other DC's, but they cannot hold any of the FSMO roles. Many folk do use the free hyper-V license for the host and install the 2008 R2 license as a second VM and DC/DNS server. I haven't seen any one install AD/DNS on the Host, in an SBS environment, but if licensed it should be OK.

As for restoring SBS. If restoring from full backup, it should not be a problem, assuming tombstoning doesn't come into play. If rebuilding SBS and trying to re-introduce into the domain, that is a whole new set of problems. That becomes a migration with SBS and I would avoid that scenario.

Though I have secondary DC's in a few SBS environments it generaly is not an advantage. SBS is such a major part of the domain that without it you lose most functionality such that the second DC primarily just allows DNS for internet access.
2017 Webroot Threat Report

MSPs: Get the facts you need to protect your clients.
The 2017 Webroot Threat Report provides a uniquely insightful global view into the analysis and discoveries made by the Webroot® Threat Intelligence Platform to provide insights on key trends and risks as seen by our users.


Author Comment

ID: 36994725
Agreed!!!! FSMO roles needs to stay with SBS 2011,
How about a secondary physical server that is Management server which has:
- Backup function for Hyper-V and itself
- SCVMM 2008r2
LVL 78

Expert Comment

by:Rob Williams
ID: 36994918
I am not sure what you are asking in your last post, but from what I understand I see no problem.

Author Comment

ID: 36995554
Sorry I was in a hurry to get out of the office.....

The managment server, will backup the Hyper-V server with the VMs (including SBS 2011) and itself. The management server will have SCVMM installed and be a Read only Domain Controller.

The reason why I need SCVMM is that I have another Hyper-V server used for testing VMs and if the testing is complete, I can then move the VM to the production Hyper-V server.

My question is, after the DR the management server will be the first server restored then the Hyper-V server. Will there be an issue with AD if the RODC is booted first then the SBS 2011?
LVL 78

Accepted Solution

Rob Williams earned 1500 total points
ID: 36995596
>>"Will there be an issue with AD if the RODC is booted first then the SBS 2011"
No that is not problem. The problem is only if trying to rebuild an SBS server from scratch within an existing domain. Doing a restore is no problem, and boot sequence is no problem.

Author Closing Comment

ID: 37013370
I've got enough to work on and thanks for your feedback.

Featured Post

Cyber Threats to Small Businesses (Part 2)

The evolving cybersecurity landscape presents SMBs with a host of new threats to their clients, their data, and their bottom line. In part 2 of this blog series, learn three quick processes Webroot’s CISO, Gary Hayslip, recommends to help small businesses beat modern threats.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Will try to explain how to use the VMware feature TAGs in the VMs and create Veeam Backup Jobs using TAGs. Since this article is too long, I will create second article for the Veeam tasks.
This article will explain How to fix Broken backup chain in Veeam Backup & Replication.
In this video tutorial I show you the main steps to install and configure  a VMware ESXi6.0 server. The video has my comments as text on the screen and you can pause anytime when needed. Hope this will be helpful. Verify that your hardware and BIO…
Video by: ITPro.TV
In this episode Don builds upon the troubleshooting techniques by demonstrating how to properly monitor a vSphere deployment to detect problems before they occur. He begins the show using tools found within the vSphere suite as ends the show demonst…
Suggested Courses

581 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question