Announcement

Collapse
No announcement yet.

Virtualiztion domain controller

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Virtualiztion domain controller

    Hello All

    They are some many post of virtualiztion of the dc is this best practice? We have one dc in leeds onew in london and one in liverpool I would like to virtualize the leeds domain controller I have seach various post of this some say yes and some no is they a best practice guide on this I have esxi 4.0 fro, mvware

  • #2
    Re: Virtualiztion domain controller

    Yes, you can virtualize DC's.
    However, since you have no control which guest is booted first (when for example a power failure occurs) it is a best practice to have also physical DC's.
    For example: If the exchange server comes up first before the DC, well Exchange might be needed to reboot since he had no connectivity with the DC.
    Marcel
    Technical Consultant
    Netherlands
    http://www.phetios.com
    http://blog.nessus.nl

    MCITP(EA, SA), MCSA/E 2003:Security, CCNA, SNAF, DCUCI, CCSA/E/E+ (R60), VCP4/5, NCDA, NCIE - SAN, NCIE - BR, EMCPE
    "No matter how secure, there is always the human factor."

    "Enjoy life today, tomorrow may never come."
    "If you're going through hell, keep going. ~Winston Churchill"

    Comment


    • #3
      Re: Virtualiztion domain controller

      We have 2 virtul DC's and 2 physical DC's for exactly the reason Marcel has stated.

      We experience no performance issues with the DC's in a virtual enviornemnt.

      Please note though that is all our DC's do is DC duties.

      Comment


      • #4
        Re: Virtualiztion domain controller

        we have one physical DC, and one DC we have just virtualised.

        THe other reason we want a physical, as virtuals can sometimes get time skew, and with hyperv, it wanted the DC to setup the cluster, and if the dc was on te cluster, will, it was a cluster FK.. if you get my meaning :P

        With regards service startup, with ESX you can definitely configure what order srevers start up in. I'm not sure about hyperV, or ESXi..
        Please do show your appreciation to those who assist you by leaving Rep Point https://www.petri.com/forums/core/im.../icon_beer.gif

        Comment


        • #5
          Re: Virtualiztion domain controller

          Originally posted by tehcamel View Post
          THe other reason we want a physical, as virtuals can sometimes get time skew, and with hyperv, it wanted the DC to setup the cluster, and if the dc was on te cluster, will, it was a cluster FK.. if you get my meaning :P
          Which is why you set your virtual boxes to time sync with an external time source and all should be good lol.

          You can also set the devices to use the time on the ESX box via the VMware tools that you install. Then set your ESX box to sync with an external time source and your time should always be right.

          Comment


          • #6
            Re: Virtualiztion domain controller

            I don't see any disadvantages to virtualizing all DCs.

            Comment


            • #7
              Re: Virtualiztion domain controller

              Well It might depends a bit on your boot order.. at least first you have to boot your fabric (if using SAN) then your storage and then finally ESX hosts. However if you have selected to autoboot your VM's, it might give trouble in authentication....
              Or do you see it different?

              If manual VM boot is selected well, in that case I don't see any issues to virtualize all DC's...
              Marcel
              Technical Consultant
              Netherlands
              http://www.phetios.com
              http://blog.nessus.nl

              MCITP(EA, SA), MCSA/E 2003:Security, CCNA, SNAF, DCUCI, CCSA/E/E+ (R60), VCP4/5, NCDA, NCIE - SAN, NCIE - BR, EMCPE
              "No matter how secure, there is always the human factor."

              "Enjoy life today, tomorrow may never come."
              "If you're going through hell, keep going. ~Winston Churchill"

              Comment


              • #8
                Re: Virtualiztion domain controller

                Personally I would leave at least one DC as physical.
                The reason being that is your whole Virtual infrastructure goes down (including your DC's)
                - DNS does not work
                - vCenter does not work

                ..
                ..


                You see where I am going
                Maish
                ----------------------------------------------------------
                Technodrone|@maishsk|Author of VMware vSphere Design
                VMware vExpert 2013-2010,VCAP5-DCA/DCD,VCP
                MSCA 2000/2003, MCSE 2000/2003
                A proud husband and father of 3 girls
                ----------------------------------------------------------
                If you find the information useful please don't forget to give reputation points sigpic.

                Have a good one!!

                Comment


                • #9
                  Re: Virtualiztion domain controller

                  Indeed, at least one physical DC is a must.

                  Also, here's Microsoft's word on virtualized Domain Controllers: KB888794 Considerations when hosting Active Directory domain controller in virtual hosting environments
                  Wesley David
                  LinkedIn | Careers 2.0
                  -------------------------------
                  Microsoft Certifications: MCSE 2003 | MCSA:Messaging 2003 | MCITP:EA, SA, EST | MCTS: a'plenty | MCDST
                  Vendor Neutral Certifications: CWNA
                  Blog: www.TheNubbyAdmin.com || Twitter: @Nonapeptide || GTalk, Reader and Google+: [email protected] || Skype: Wesley.Nonapeptide
                  Goofy kitten avatar photo from Troy Snow: flickr.com/photos/troysnow/

                  Comment


                  • #10
                    Re: Virtualiztion domain controller

                    Originally posted by Maish View Post
                    Personally I would leave at least one DC as physical.
                    The reason being that is your whole Virtual infrastructure goes down (including your DC's)
                    - DNS does not work
                    - vCenter does not work

                    ..
                    ..


                    You see where I am going
                    Get more than one Host with at least one DC per. Does vCenter even come into play with only a single host?

                    Comment


                    • #11
                      Re: Virtualiztion domain controller

                      Also another thing to consider is to avoid a single point of failure. You can have multiple guests running DCs as long as they are in different hosts IMO.
                      Caesar's cipher - 3

                      ZKHQ BRX HYHQWXDOOB GHFLSKHU WKLV BRX ZLOO UHDOLVH LW ZDV D ZDVWH RI WLPH!

                      SFX JNRS FC U6 MNGR

                      Comment


                      • #12
                        Re: Virtualiztion domain controller

                        If he is running DRS then seperating DC's can be easily accomplished with "Affinity" rules...
                        Marcel
                        Technical Consultant
                        Netherlands
                        http://www.phetios.com
                        http://blog.nessus.nl

                        MCITP(EA, SA), MCSA/E 2003:Security, CCNA, SNAF, DCUCI, CCSA/E/E+ (R60), VCP4/5, NCDA, NCIE - SAN, NCIE - BR, EMCPE
                        "No matter how secure, there is always the human factor."

                        "Enjoy life today, tomorrow may never come."
                        "If you're going through hell, keep going. ~Winston Churchill"

                        Comment


                        • #13
                          Re: Virtualiztion domain controller

                          I'm a fan of Virtual DC's. We have two physical and two vritual as well.

                          Just be carreful about using snapshot's with DC's.

                          Michael
                          Michael Armstrong
                          www.m80arm.co.uk
                          MCITP: EA, MCTS, MCSE 2003, MCSA 2003: Messaging, CCA, VCP 3.5, 4, 5, VCAP5-DCD, VCAP5-DCA, ITIL, MCP, PGP Certified Technician

                          ** Remember to give credit where credit is due and leave reputation points sigpic where appropriate **

                          Comment


                          • #14
                            Re: Virtualiztion domain controller

                            Originally posted by m80arm View Post
                            Just be carreful about using snapshot's with DC's.
                            So are you using the Zeigarnik effect on us all? Do tell more! Even though Google speaks to the issue, I still like to hear from people directly. At least, I think this is on topic...
                            Wesley David
                            LinkedIn | Careers 2.0
                            -------------------------------
                            Microsoft Certifications: MCSE 2003 | MCSA:Messaging 2003 | MCITP:EA, SA, EST | MCTS: a'plenty | MCDST
                            Vendor Neutral Certifications: CWNA
                            Blog: www.TheNubbyAdmin.com || Twitter: @Nonapeptide || GTalk, Reader and Google+: [email protected] || Skype: Wesley.Nonapeptide
                            Goofy kitten avatar photo from Troy Snow: flickr.com/photos/troysnow/

                            Comment


                            • #15
                              Re: Virtualiztion domain controller

                              Well, I think M80arm more means, be careful taking snapshots of databases (which AD is) ?
                              Marcel
                              Technical Consultant
                              Netherlands
                              http://www.phetios.com
                              http://blog.nessus.nl

                              MCITP(EA, SA), MCSA/E 2003:Security, CCNA, SNAF, DCUCI, CCSA/E/E+ (R60), VCP4/5, NCDA, NCIE - SAN, NCIE - BR, EMCPE
                              "No matter how secure, there is always the human factor."

                              "Enjoy life today, tomorrow may never come."
                              "If you're going through hell, keep going. ~Winston Churchill"

                              Comment

                              Working...
                              X