Windows AD - stay Physical - or go Virtual?

Just looking for advice on whether or not to migrate our current, physical AD server to a virtual VM on VMWare - leave it as physical.  We need to upgrade because we are on an out-dated HP server, running Server 2008.  We want to upgrade to either a new physical 2016 Server - or a virtual 2016 Server.  What are the pros and cons - if any - of going virtual with active directory?  

Thanks for your input

Damian GardnerIT AdminAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Bryant SchaperCommented:
I have heard a mix of some recommending keep one physical dc and virtualize the others.  We run all our domain controllers virtual.  No problems, just think ahead of points of failure, like running them both on the same host is bad, so we have DRS keep them separate.

Microsoft does have some best practice recommendations as well.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Cliff GaliherCommented:
I recommend virtualizing everything except for odd edge cases. You do need to be aware of how AD works in a DR scenario (no snapshots!) so the only real con is the learning curve. Butt done properly, the pros are worth it.
Seth SimmonsSr. Systems AdministratorCommented:
we virtualize everything
it all runs on a pair of dell servers in a vmware cluster connected to a 10gb iSCSI san
reboots are faster (compared to bare metal) no need to have downtime to do bios, firmware updates (unless you are doing maintenance on the host and even then you can live move the guest to another node without downtime)
bare metal domain controller seems a bit overkill really when you have so much hardware that is not needed for a system requiring no more than, say 4gb of memory running some light network services

just my $0.02
The 7 Worst Nightmares of a Sysadmin

Fear not! To defend your business’ IT systems we’re going to shine a light on the seven most sinister terrors that haunt sysadmins. That way you can be sure there’s nothing in your stack waiting to go bump in the night.

Andrew Hancock (VMware vExpert / EE MVE^2)VMware and Virtualization ConsultantCommented:
and what's wrong with virtual ?

We've been virtual AD since 2004!

There are many more benefits of virtual rather than physical hardware, does not matter which hypervisor virtual platform you select!
just make sure that in case of main data center, you will keep virtualized AD servers either in hypervisor cluster or they should be installed on separate hypervisors separated by racks at least
Ajay ChananaMCSE-2003/08|RHCSA| VCP5/6 |vExpert2018Commented:
Damian GardnerIT AdminAuthor Commented:
Thank you for all of your input!  Sounds like virtual is the way to go, as long as we have a backup on a separate host or in a cluster.  Thanks everybody!
Andrew Hancock (VMware vExpert / EE MVE^2)VMware and Virtualization ConsultantCommented:
you should *ALWAYS* have a minimum of 2 Active Directory Domain Controllers!
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Server Hardware

From novice to tech pro — start learning today.