Geeks With Blogs
Technically Speaking All in on IT
Rod Trent posted over on his blog some thoughts on running a domain controller as a VM (virtual machine). I can think of two places I would do this. Disaster recovery and as  part of a "swing" upgrade to active directory from an NT4 domain. In most instances you are building a new destination DC on new hardware, and have an NT4 domain controller on older hardware. Build the new Windows 2003 Server and then build an NT4 server on it as a VM. Promote it to be the PDC. Upgrade it to be the new AD domain’s DC. The other good thing about a VM is you don't need to worry about device drivers for NT4 on new hardware which can be especially tricky now that it is "retired." Posted on Wednesday, July 27, 2005 5:51 AM | Back to top


Comments on this post: Running a Domain Controller as a Virtual Machine

# re: Running a Domain Controller as a Virtual Machine
Requesting Gravatar...
Yep, done this. It was VERY handy for Exchange disaster recovery prior to the "Recovery Storage Group". Now that we have the Recovery Storage Group (Ex 2003)I shudder at the thought of Exchange recovery of the past. I doubt I would do much in the way of production servers on it, other than development machines of course. It has come a long way though. I trust the stability of a VMware machine almost as though it were real hardware.
Left by Eric Hammersley on Jul 27, 2005 10:50 AM

# re: Running a Domain Controller as a Virtual Machine
Requesting Gravatar...
I had a client who wanted to use one hardware server and one virtual server as 2k3 domain controllers after an NT 4 migration. As in the virtual DC was going to be one of their ongoing domain controllers. I advised against it but they did it anyway. They ended up having time synchronization and replication issues stemming from the virtual DC. We created a hardware DC and decommissioned the virtual one and all was right with the world.
Left by Tony Palmisano on Jul 27, 2005 8:35 PM

# re: Running a Domain Controller as a Virtual Machine
Requesting Gravatar...
I did this just last night, as a matter of fact! Several months ago I deleted the SYSVOL accidentally on a one-DC domain I have at home. So I installed another DC on a Virtual Machine and built the sysvol there. All I had to do was recreate a couple of folders (well documented in the KB) on my original server, and I was "back in bidness".

It was also a good opportunity to use some diagnostic tools between them to make sure my first DC was performing correctly all the way around. This is a machine that had been an NT 4 DC, then upgraded to 2000, and then to 2003. (It's also had Exchange 5.5, 2000, and now 2003, too.) It's a scrawny 450 Mhz, 512 MB Dell Workstation, but it's running my home domain, email, and photo-album web site. :)
Left by Kevin Remde on Jul 27, 2005 9:23 PM

# re: Running a Domain Controller as a Virtual Machine
Requesting Gravatar...
I think timing issues are more common to VMWARE virtualization productions - and I would consider carefully virtualizing anything that is time sensitive with them.

However, MS Virtual Server does not have such issues when timing issues are a concern (albeit, it may have less fancy features). Therefore, in a situation where a virtual DC is a must, then I'd go with MS Virtual Server.

MS have a paper "DC_VS2005.doc" that support such a setup here is the link below:-

http://www.microsoft.com/downloads/details.aspx?FamilyId=64DB845D-F7A3-4209-8ED2-E261A117FC6B&displaylang=en

Good Luck

Left by Anwar on Jan 13, 2008 5:55 AM

# re: Running a Domain Controller as a Virtual Machine
Requesting Gravatar...
i hav a VMware software .for studying purpose i installed 2003 server in vmware and i cloned one 2003 there itself.after that i installed active directory in first server and i was tried for add this client to domain controller,but am not able to add this client to server 2003.both ip is pinging.eroor is this"cannot contact domain controller"can u help me in this issuse.....
Left by mihammed aslam on Jan 21, 2009 1:26 AM

# re: Running a Domain Controller as a Virtual Machine
Requesting Gravatar...
This is to mihammed aslam in the last post.
Of course it is not going to work. You have used cloning in VmWare. What has happened is because you have cloned you will have to server Operating systems with the same "SID"
So you have a conflict if you cloned an AD enabled 2003 installation
What you need to do is totally forget cloning.
Start from sratch again with your first server OS. Once you have built your first OS inclucing all ms patches and updates, use SYSPREP and SYSPREP your first fully updated server. Then when you want to deploy another machine, use the SYSPREP image. This will avoid conflicting SIDs, IPs and Hostnames.
Hope this helps.

Matthew Giannelis
Left by Matthew on Feb 18, 2009 1:08 AM

# re: Running a Domain Controller as a Virtual Machine
Requesting Gravatar...
You guys may alrady know this, but you should never run your primary domain controller as a virtual machine, this can cause all kinds of issues. VmWare always recommend that you keep your domain controller as a physical machine and do not run it on the VM HOST.
Always keep your primary domain controller on a physical machine and never create a VM for this. You will have Sync issues and if your running DFS (Distributed File System) you will defenatly have a few flaws, bugs and replication issues.
Left by Matthew Giannelis on Feb 18, 2009 1:13 AM

# re: Running a Domain Controller as a Virtual Machine
Requesting Gravatar...
please helped me for What i am listening
Left by MUHAMMAD MOHSIN on Apr 10, 2009 12:24 AM

# re: Running a Domain Controller as a Virtual Machine
Requesting Gravatar...
I have virtualized several DC's on VMware. I have the host machine update time from a trusted internet time source and then synced the time on the vm with the host. We run exchange and multiple DC's this way with out any problems.

As a whole I can't imagine doing domain controllers or exchange any other way. Recovery, backups, testing, upgrades, and updates are all easier. If I have doubts about a process, I copy the VM and run the updates or changes off line. when all the bugs are worked out I do it to the live server. (after making another copy!) No one ever sees you sweat!
Left by Josh on Jun 02, 2009 12:03 PM

# re: Running a Domain Controller as a Virtual Machine
Requesting Gravatar...
time not sync in dc and adc with vmware
Left by praween saini on Jul 09, 2009 4:41 AM

# re: Running a Domain Controller as a Virtual Machine
Requesting Gravatar...
We did it, best idea ever. Never ever had replication errors or slow performance. Mind timsync with external ntp, as the vm heartbeat divers.
Left by Dan on Aug 06, 2009 11:57 AM

# re: Running a Domain Controller as a Virtual Machine
Requesting Gravatar...
If you run a DC as a virtual machine, don't make the host server a member of the same domain. This can lead to a circular reference: the host needs to authenticate with the DC during startup, but the DC cannot start until the host is started.

This shouldn't be an issue if you have a DC for the host server in another physical box. If your only DC is virtual, having your host as a domain member will cause problems. Specifically, expect it to take an extraordinarily long time to start, and you may not be able to log in once it does.
Left by Jonathan Johnson on Jan 08, 2010 9:57 AM

Your comment:
 (will show your gravatar)


Copyright © Chris Haaker | Powered by: GeeksWithBlogs.net