Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

Hyper-V and Windows Server 2012 domain controller as a VM

Posted on 2015-01-20
3
Medium Priority
?
206 Views
Last Modified: 2015-01-30
Quick Environment Configuration:
At the moment we have two domain controller's (Primary: Windows Server 2003 and a replicating partner that is a physical Windows Server 2012).  We are a small office with 20 AD users.  The Domain Functional Level and Forest Functional levels are both at Windows Server 2003.  The Windows Server 2003 server holds all the FSMO roles.

AD Upgrade Path:

Add a second VM as a new Windows Server 2012 DC.  Move the FSMO roles to the other physical Windows Server 2012 DC.  Demote and remove the Windows Server 2003 machine.  

Hypervisor Config:

I have a Windows 2012 Standard Hypervisor with one Exchange 2010 VM running on it.  There are a total of 4 physical NICs on this server.  I enabled NIC teaming using two NICs as members of the team.  The Hypervisor NIC is segregated and is not part of the team.  So I now have one physical NIC left right now.

I have a virtual switch configured by the name of VM Switch (Team) which uses the NIC team.  I thought I'd mention this just in case.

VM installation options on Hypervisor:

I am contemplating adding the third physical NIC as part of the existing NIC team (VM Switch (Team)) which is currently dedicated to the sole  Exchange Server 2010 or create another virtual switch dedicated for the newly created Windows Server 2012 DC. I like the idea of having separate dedicated virtual switches isolating the traffic destined for each VM, but then again it might not be necessary or overkill.

Referencing the disk storage allotted to the new domain controller, I am thinking the most simplistic approach is using one sole virtual disk to create the VM to house the NTDS.dit, logfiles, and SYSVOL folder.  Not sure about best practices on this right now.  Looking for the simplest setup as possible,

Any advice and supporting documentation is greatly appreciated.
0
Comment
Question by:cmp119
  • 2
3 Comments
 
LVL 40

Accepted Solution

by:
Philip Elder earned 2000 total points
ID: 40560526
A team for management and a team dedicated to the vSwitch would be the best configuration.

I suggest having a look at my EE article Some Hyper-V Hardware and Software Best Practices.
0
 

Author Closing Comment

by:cmp119
ID: 40580235
Thank you for this information!
0
 
LVL 40

Expert Comment

by:Philip Elder
ID: 40580271
YW. :)
0

Featured Post

Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Transferring FSMO roles is done when an admin wants to split roles between certain Domain Controllers or the Domain Controller holding the Roles has been forcefully demoted using dcpromo / forceremoval
Sometimes it necessary to set special permissions on user objects.  For instance when using a Blackberry server, the SendAs permission needs to be set. I see many admins struggle with the setting that permission only to see it disappear within a few…
In this Micro Tutorial viewers will learn how to restore their server from Bare Metal Backup image created with Windows Server Backup feature. As an example Windows 2012R2 is used.
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
Suggested Courses

571 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question