Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Windows 2012 R2 Host

Posted on 2014-12-03
13
Medium Priority
?
94 Views
Last Modified: 2014-12-10
We have setup a variety of W2012 R2 Host running Hyper-V that house various W2012 virtual clients. As part of our setup we always keep the Host on a workgroup and never join in to the local domain. In one particular setup we have been asked to join the Host to the domain

Can anyone provide a kb article as to whether or not it is a good practice to join a W2012 Host to a domain?
0
Comment
Question by:bnrtech
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 4
  • 3
  • +1
13 Comments
 
LVL 7

Accepted Solution

by:
Thomas Wheeler earned 1000 total points
ID: 40480017
I don't have a specific kb but I join my hosts to the domain without issue.
0
 
LVL 59

Assisted Solution

by:Cliff Galiher
Cliff Galiher earned 1000 total points
ID: 40480019
Microsoft invested a lot of resources in making it safer to join hyper-V hosts to a domain in 2012 and beyond. I am unaware of any single KB article, but the various notes are spread across the "what's new" documents for various roles. It is considered by most to be a safe practice with 2012 and 2012 R2 now.
0
 

Author Comment

by:bnrtech
ID: 40480029
Thomas and Cliff - Thank you both. I am going to research a bit more as the site that this project applies to is asking us for documented confirmation.

Am I correct in thinking that your Hyper-V session to the virtual clients works in a normal fashion?

If it matters any....we already have the virtual clients up and running and now they are asking us to join the host to the domain
0
Back Up Your Microsoft Windows Server®

Back up all your Microsoft Windows Server – on-premises, in remote locations, in private and hybrid clouds. Your entire Windows Server will be backed up in one easy step with patented, block-level disk imaging. We achieve RTOs (recovery time objectives) as low as 15 seconds.

 
LVL 59

Expert Comment

by:Cliff Galiher
ID: 40480048
Joining the host to the domain allows the server to be managed centrally, group policy, etc. It doesn't directly impact VMs on its own.
0
 
LVL 7

Expert Comment

by:Network Zero
ID: 40480062
Hey! I'm guessing you want more of the security aspect of it

http://www.altaro.com/hyper-v/7-keys-to-hyper-v-security/

Now here's a why it would be a bad idea for that windows 2012 r2 server to be a DC

http://www.altaro.com/hyper-v/reasons-not-to-make-hyper-v-a-domain-controller/

a different one -> http://www.altaro.com/hyper-v/demystifying-virtualized-domain-controllers-part-1-myths/

Here's one from Microsoft -> http://blogs.msdn.com/b/virtual_pc_guy/archive/2008/11/24/the-domain-controller-dilemma.aspx

And finally one about windows 2012 having Active directory running on it - http://windowsitpro.com/identity-management/virtualization-safe-active-directory-windows-server-2012

:) let me know if this helped
0
 

Author Comment

by:bnrtech
ID: 40480066
Understood. In the morning I will see if I can get everyone on board with joining it to the domain and then report back. I searched quite a bit on the Internet and I cannot find any documentation that points to it being good or bad
0
 
LVL 7

Expert Comment

by:Network Zero
ID: 40480075
http://blogs.msdn.com/b/virtual_pc_guy/archive/2008/11/24/the-domain-controller-dilemma.aspx

This article by a Microsoft Engineers explains why it's a bad idea but it has to more with 2008 then 2012.

I would not make it a domain controller at first I would treat like a normal server and make sure it's set up correctly.
0
 

Author Comment

by:bnrtech
ID: 40480080
Francisco - Thank you for these details. In joining to the domain we would not make it a DC and will not be running DNS, DHCP, Exchange or SQL. Our plan is to add it only as a normal server.
0
 
LVL 7

Expert Comment

by:Network Zero
ID: 40480085
Sounds good. At my company we have a large number of virtual servers on domains, I would actually be more concerned about the firewall then the practice it's self.

There's even company's out there that have all there servers running virtually using Hypher-V, Xenserver or V sphere.

 One really good thing about having a server on a domain is being able to backup the VHDX hard drive and keep it on say a raid 1, good for diaster recovery scenario's.
0
 
LVL 59

Expert Comment

by:Cliff Galiher
ID: 40480086
@Francisco: I don't think the OP ever mentioned making the host a DC. There is a big difference between discussing joining an existing domain as a member server and adding a new role, such as ADDS. While what you've posted is in fact accurate, it is based on an inference I'm not seeing.
0
 
LVL 7

Expert Comment

by:Network Zero
ID: 40480092
@Cliff: My apologizes - I'm referencing the closest thing I found to a KB article from a Microsoft engineer "The Domain Controller Dilemma" - http://blogs.msdn.com/b/virtual_pc_guy/archive/2008/11/24/the-domain-controller-dilemma.aspx - He discussed not adding a Hyper V server on to a domain particularly running as a DC"  I did take into consideration that it was written in 2008 so it may not 100% directly go with 2012 R2.

Most of the reference material I found directly go against having a Hyper-V server running as DC - Personally I'm not 100% agreeing with the data - I've seen tons of Virtual server running as DC. But he asked for a article so that's where I quoted that from.
0
 

Assisted Solution

by:bnrtech
bnrtech earned 0 total points
ID: 40482826
We joined to the domain and all looks good. It took a lot of searching but I finally did find this reference on the web....

http://technet.microsoft.com/en-us/library/ee941123%28v=ws.10%29.aspx
0
 

Author Closing Comment

by:bnrtech
ID: 40490915
my post notes a MS article as a reference for details
0

Featured Post

How Blockchain Is Impacting Every Industry

Blockchain expert Alex Tapscott talks to Acronis VP Frank Jablonski about this revolutionary technology and how it's making inroads into other industries and facets of everyday life.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A procedure for exporting installed hotfix details of remote computers using powershell
How to deal with a specific error when using the Enable-RemoteMailbox cmdlet to create a mailbox in the cloud-based service, for an existing user in an on-premises Active Directory.
In this Micro Tutorial viewers will learn how to restore their server from Bare Metal Backup image created with Windows Server Backup feature. As an example Windows 2012R2 is used.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question