Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Hyper V Host Domain Membership - Quick Question

Posted on 2013-05-12
4
Medium Priority
?
616 Views
Last Modified: 2014-11-12
Hi there,

I have a quick question that i hope you can help me with.

What is best practice for a Hyper V host running a virtual domain controller.

My client will be using One physical server running Hyper V 2012, this server will host a Virtual SBS 2011 server.

We are having a debate in work as to weather or not we should add the Hyper V server to the domain?

I have seen the below documents that stipulate the server should be added to the domain, but only if its part of a cluster.

Thanks

http://technet.microsoft.com/en-us/library/ee941123(v=WS.10).aspx

http://blogs.technet.com/b/askpfeplat/archive/2013/03/10/windows-server-2012-hyper-v-best-practices-in-easy-checklist-form.aspx
0
Comment
Question by:BSRIT
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
4 Comments
 
LVL 6

Assisted Solution

by:Inderjeetjaggi
Inderjeetjaggi earned 375 total points
ID: 39160570
According to me and when I have reached so far best practice is generally not to have hosts machines on a domain. it is an additional infrastructure dependency that can put your environment at risk. It can be mitigated, but is an SMB the ability to mitigate is often low and the risks are higher. There is little gain by adding them to a domain so the gains seldom outweigh the risk
0
 
LVL 8

Assisted Solution

by:teomcam
teomcam earned 375 total points
ID: 39160832
IMO it's better to keep the host machine as workgroup. However joining to the domain or not will not make much difference. When you install Hyper-V role, host OS also becomes a kind of Virtual machine!! so does not really matter if it's joined to the domain or not.
0
 
LVL 59

Accepted Solution

by:
Cliff Galiher earned 375 total points
ID: 39161641
The recommendation for a cluster is to avoid a chicken egg scenario. If there is another dc then by all means, join the domain. But if your only dc is virtualize, you hit an issue where the host cones up and will want to authenticate against a dc is is hosting. And that can fail, making serviceability nearly impossible. So the decision isn't cut and dry. It is all dependent on the availability of your AD infrastructure.
0
 
LVL 18

Assisted Solution

by:Sarang Tinguria
Sarang Tinguria earned 375 total points
ID: 39162255
0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Compliance and data security require steps be taken to prevent unauthorized users from copying data.  Here's one method to prevent data theft via USB drives (and writable optical media).
A bad practice commonly found during an account life cycle is to set its password to an initial, insecure password. The Password Reset Tool was developed to make the password reset process easier and more secure.
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …
Are you ready to implement Active Directory best practices without reading 300+ pages? You're in luck. In this webinar hosted by Skyport Systems, you gain insight into Microsoft's latest comprehensive guide, with tips on the best and easiest way…

715 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question