Solved

Converting a Server 2003 DC / TS to Vmware

Posted on 2013-11-29
7
338 Views
Last Modified: 2014-02-27
hi guys,

I have picked up a client who has an old Windows Server 2003 terminal server, which also is the solo domain controller in his office, and also runs an SQL database he had developed many years ago.  The office only has about five PCs and there are two external users/shops who remote into the server.

He is unable to reinstall this customised SQL application as he no longer has a relationship with the people who built it, so as the hardware it is on starts to fail, he has been installing a Shadowprotect image of it onto an identical physical server (he bought a bunch of HP xw8600 workstations some years ago for this purpose).  He has done this a couple of times successfully.

I've suggested to him we virtualise the server so then it is hardware independant and easier to backup and restore in the future.

So my question is - what do i need to look out for when virtualising a domain controller?  I have read many articles warning about the process, and recommending either not doing it, or building another DC first, promoting it, then demoting the original DC to a member server before converting it to a VM.  However, many of the warnings relating to USN issues seem to relate to multiple DC structures and replication problems.  I'm wondering if this would not be so much an issue for a single DC.  If i did virtualise it as is, what steps should i take to minimse any AD issues?  I read somewhere about problems relating to the new NIC created in a VM.

I have actually already created a VM of the server from a recent Shadowprotect image in the workshop just to see if it worked and what obvious issues may arise, and it boots up ok.  I can't see any glaring errors in the event log but I'm not really sure what to look for.

Any advise appreciated.

cheers
nathan
0
Comment
Question by:natrat22
7 Comments
 
LVL 35

Expert Comment

by:Mahesh
Comment Utility
I am not aware with ShadowProtect (may be something like Norton Ghost)

What u can do, setup one physical server with two virtual machines, at client place.
add it to above solo domain as member servers.
Now just promote one VM to ADC of above domain
just transfer all your FSMO roles on new virtual ADC
Then demote physical terminal server to member server
Now take complete server backup (Specially SQL)
Now you can make image (P2V) of physical terminal server and deploy it as a VM on new server.Note that remove any device drivers from physical terminal server prior to start P2V so that you will not face drivers issue most probably after P2V conversion.
may be you can use vmware converter or some else solution for P2V
OR

You can create new VM and just migrate Terminal server role with SQL if possible.

For 2003 domain controller servers, I personally not recommend to virtualalize with P2V technology

Mahesh
0
 
LVL 117

Assisted Solution

by:Andrew Hancock (VMware vExpert / EE MVE)
Andrew Hancock (VMware vExpert / EE MVE) earned 250 total points
Comment Utility
All you need to do is install VMware vCenter Converter Standalone 5.5, in the computer you want to convert, and click the Convert Computer button.

Copy or Convert this file to VMware ESXi, and your almost done.

HOW TO:  P2V, V2V for FREE - VMware vCenter Converter Standalone 5.5

HOW TO: Improve the transfer rate of a Physical to Virtual (P2V), Virtual to Virtual Conversion (V2V) using VMware vCenter Converter Standalone 5.0

HOW TO:  Synchronize changes when completing a P2V or V2V with VMware vCenter Converter Standalone 5.1

If you do this operation, when all the workstations in the office are off, and stop many of the services on the computer you are converting you will be fine.
0
 
LVL 9

Accepted Solution

by:
dipersp earned 250 total points
Comment Utility
You are correct - the warnings and "DO NOT DO THIS" threads for DCs are for when you have multiple DCs.  If you have a single DC, you're fine virtualizing it doing a P2V.

However, I would NOT recommend a DC and TS on the same box.  Split the DC and TS machines from each other.
0
Enabling OSINT in Activity Based Intelligence

Activity based intelligence (ABI) requires access to all available sources of data. Recorded Future allows analysts to observe structured data on the open, deep, and dark web.

 
LVL 1

Author Comment

by:natrat22
Comment Utility
Thanks, yes I totally agree, but it is difficult to convince him to do this due to the cost, and the fact he has been running it this way without issues for some years.
0
 
LVL 117

Expert Comment

by:Andrew Hancock (VMware vExpert / EE MVE)
Comment Utility
Just ask "him" what would do do if the current server failed? e.g. the hardware.

A virtualised server is very easy for DR purposes! As the virtual hardware is the same.
0
 
LVL 4

Expert Comment

by:Haslerct
Comment Utility
Hi,

There will be NO issue to P2v for your client, as he is only running with 1 single DC.

Thanks
0
 
LVL 1

Author Closing Comment

by:natrat22
Comment Utility
ESX standalone converter continually crashed when trying to live convert.  In the end I stripped out all the file shares to reduce the conversion size, then took a Shadowprotect image, then converted the shadowprotect image to a VM using the standalone converter.  There have been no issues with it being a DC.  Thanks guys.
0

Featured Post

What Security Threats Are You Missing?

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

It Is not possible to enable LLDP in vSwitch(at least is not supported by VMware), so in this article we will enable this, and also go trough how to enabled CDP and how to get this information in vSwitches and also in vDS.
David Varnum recently wrote up his impressions of PRTG, based on a presentation by my colleague Christian at Tech Field Day at VMworld in Barcelona. Thanks David, for your detailed and honest evaluation!
Teach the user how to join ESXi hosts to Active Directory domains Open vSphere Client: Join ESXi host to AD domain: Verify ESXi computer account in AD: Configure permissions for domain user in ESXi: Test domain user login to ESXi host:
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

5 Experts available now in Live!

Get 1:1 Help Now