?
Solved

Domain Controller on a 2008 R2 Server host Hyper-V servers

Posted on 2013-01-09
4
Medium Priority
?
265 Views
Last Modified: 2016-11-23
Hi, we have several ( 4 with an additional spare ) new Dell servers that are all set up with Hyper-V and each is hosting several virtual machines on them. We have a 2003 AD and want to upgrade to 2008 AD and remove the 2003 64-bit domain controllers (older physical computers). Doing the research it looks like it is not recommended to put all of your DCs (or any according to some) on a virtual machine. Need some opinion on that, but also on if it is safe to make the actual hosting server a DC knowing that I can't reboot it without killing all of the VMs on that host. I rarely ever have to do a non-scheduled reboot of a DC so I'm anticipating the same once we go to 2008 DCs. Opinions requested for best way to go. I would like to add two DCs. Also, I have a remote location with a 2003 DC that I can't replace right now. Can it remain as a DC even though it is 2003 or do I have to remove that role from it?

Thanks
0
Comment
Question by:OGDITAdmin
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
4 Comments
 
LVL 4

Accepted Solution

by:
tpitch-ssemc earned 501 total points
ID: 38760122
I would recommend at least 1 physical DC. You can upgrade to 2008 and still keep your 2003 DC until such time you can replace it. Just don't upgrade your Forest to a 2008 only domain (which is a manual process). We just recently upgraded our DCs to 2008 and our forest; before we had a 2003 DC running.

As far as the virtual suggesstions, I've run DCs in a virtual environment. I had 2 virtual at our main location and a 3rd at a remote site that was physical. I know people that don't like to run DCs virtually, but I've never had a single issue. The only thing I would make sure that your DCs get their time from a public source at not the host server. Also, don't do any type of snapshotting for protection of the DCs- your objects in AD change very often and recovering from a snapshot will cause unexpected results.

And I would not recommend running your Hyper-V host box as a domain controller. That's just my recommendation.
0
 
LVL 26

Expert Comment

by:Leon Fester
ID: 38760998
Microsoft support 2008 and higher Domain Controllers on Hyper-V.

Have a read through the planning guide for DC virtualization.
http://technet.microsoft.com/en-us/library/virtual_active_directory_domain_controller_virtualization_hyperv(v=ws.10).aspx
0
 
LVL 20

Assisted Solution

by:Svet Paperov
Svet Paperov earned 498 total points
ID: 38761282
The only issue with all DC in virtual environment will be if you want to put the host servers in the same domain: you could end up unable to logon on the Hyper-V host servers if all DC are down.

I would recommend placing the Hyper-V servers on dedicated IP subnet and domain/workgroup. I am running two Hyper-V servers in a workgroup hosting my both domain controllers. In such configuration you do not depend on the DC to logon on the host servers. The only tricky part is configuring remote management with Hyper-V Manager but it works thanks to HVRemote http://archive.msdn.microsoft.com/HVRemote and http://blogs.technet.com/b/jhoward/archive/2008/11/14/configure-hyper-v-remote-management-in-seconds.aspx. Unfortunately, we still don’t have a version of HVRemote that works with Hyper-V 2012 and Windows 8.
0
 
LVL 4

Assisted Solution

by:palicos
palicos earned 501 total points
ID: 38762273
I'm supposed to say something about best practices. Don't enable any other roles in the parent partition (i.e., the physical Hyper-V server), don't run any applications in the parent partition, have a second physical server for AD, etc.

Using separate physical drives like you are planning to do is a great idea.
For instance, suppose, if you have 32 GB of ram, make sure that you don't allocate more than 30 GB of ram to the running virtual machines. In your case, you need to hold back more than 2 GB of ram. Find the amount of ram used by a physical domain controller and add 2 GB to that to come up with your custom hold back amount.

Refer this link

http://support.microsoft.com/kb/888794?wa=wsignin1.0

Running your ONLY DCs as virtuals will work fine.  I run many small networks consiting of a single blade servers running Win2008R2 SP1 w/Hyper-V and all the resources are virtual servers and PCs on that same single blade.  When booting a blade from scratch the Hyper-V services start, I have my DC VMs set to autostart first with the rest delayed to give the DCs time to fully come up.

I may not be too clear but what i have experience I stated that.

Hope it helps you.
0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In previous parts of this Nano Server deployment series, we learned how to create, deploy and configure Nano Server as a Hyper-V host. In this part, we will look for a clustering option. We will create a Hyper-V cluster of 3 Nano Server host nodes w…
For anyone that has accidentally used newSID with Server 2008 R2 (like I did) and hasn't been able to get the server running again because you were unlucky (as I was) and had no backups - I was able to get things working by doing a Registry Hive rec…
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…
Suggested Courses

764 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question