Backup domain controller: physical vs. Virtual

Hi ladies and gentlemen

What are your thoughts on the benefits of keeping the BDC on a physical server. Our server BDC hardware came at the end of life and I have the opportunity to virtualize it or replace it with another physical server.

It is advisable to keep the BDC off the virtual in order to always be able to serve the field was anything to the San?

Thanks a lot for your comments.

Concerning

Clint...

An interesting article by Scott Lowe on the subject:

http://www.virtualizationadmin.com/blogs/Lowe/news/VIRTUALIZE-all-of-your-domain-controllers-why-not-105.html

Tags: VMware

Similar Questions

  • Conversion from a physical to a virtual domain controller domain controller

    Hello everyone!

    I was wondering if you guys can help me. We are running a physical server Proliant DL 360 Gen 8 as our physical domain controller. The host runs HP VMware 5.5 Update 1, and the domain controller running Windows Server 2012

    I am looking to convert it to a virtual DC as a backup. I would like to add it to a host computer currently running three VM. I have a few questions.

    (1) is there a way where if the physical domain controller goes down, that the virtual server is brought online automatically?

    (2) are there caveats to a physical domain controller in a virtual domain controller?

    (3) is there a step by step guide on the process of conversion from a physical to a virtual domain controller domain controller?

    (4) what should I stop all services on the physical server during the conversion?

    (5) that I would be able to take the virtual domain controller and make like a secondary domain controller?

    Thank you

    No, you misunderstood. For additional availability, you must implement a 2nd DC as a virtual machine now and leave this race. Don't bother to put something automagic, just the 2nd DC easy running.

    Backups should always be done on a regular basis, because they might be useful if two domain controllers fail for some reason any.

  • Windows Server 2003 P2V domain controller

    I tried to understand the best way to do it.  We have a backup domain controller that is programmed to be either P2V would or recreated as a virtual machine.  Whatever it is, it's going to happen in our cluster HA.  I wonder if we can make just a P2V using the converter bootable without problems or would it not be better to organize a new virtual machine, and then go through the process of promotion and demotion.  Has anyone ran into any ING questions P2V one domain controller?  I can't really find any advice on this with the exception of a Microsoft document.  I looked on the forum and the exchange of Experts, and the general consensus seems to be, just do not do.  It is best to start from scratch.  I said why?  What happens when you P2V one domain controller?  If this isn't a secondary domain controller, so what about the PDC?  Are there unwritten rules on that?  A white paper that can be nice to look at?  Any help that anyone can give would be great.  For us, the easy way is to P2V, but if this isn't a good idea, then I guess we have the opposite effect.

    Found this blog relevant today!

    http://blogs.technet.com/b/askds/archive/2010/06/10/how-to-VIRTUALIZE-Active-Directory-domain-controllers-part-1.aspx

    ... Do online physical to virtual (P2V) conversions. Every P2V conversions for computers in domain controller role should be offline...

  • direct conversion of the domain controller

    Hello

    I just download vCenter Converter Standalone 4.0.1 with the intention to convert a physical domain controller in a virtual machine under esx 4.0.   the final goal is to re create my production of active directory and exchange environments to test the migration of mailboxes from exchange 2003 to exchange 2007.  are there aspects I should be aware of here?  thought play it safe and get a little feedback before messing around with the field.  Thanks in advance! just to clarify, im running a host not managed esx 4.0 and have just installed vCenter Standalone 4.0.1 on my client machine.

    see this VMware KB on their position on P2V of a domain controller

    http://KB.VMware.com/kb/1004588

    > If the source is a domain controller, special considerations are required. VMware does not recommend virtualization of an active DC with converter. For more information, see Virtualizing existing domain controllers (1006996).

    Your best bet would be to put online a new virtual machine and run dcpromo

  • VM customers on a physical domain controller, network settings

    Hi all

    I'm hopelessly stuck and would appreciate your help.

    I have Win Server 2003 is installed on my PC configuration as a domain controller. On another PC, I have another program to install server as a member server in the same domain. (contoso.com - yup im studying my first chaperones to become certified MCBS http://www.vmwareforum.org/yabbfiles/Templates/Forum/default/smiley.gif )

    I can handle the other Member of the domain server and everything works fine. I installed VMPlayer on the domain controller, on another partition of HDD with XP Pro. I have successfully connected the VM XPPRO to the field and you can see, but I am able to ping but it cannot administer the domain controller.

    I installed VMPLayer on the DC on a separate partition.

    I have the following settings on the domain controller;

    IP - 192.168.1.1

    Subnet - 255.255.255.0

    Gateway - 192.168.1.254

    DNS - 192.168.1.1

    VMPLayer (parameters XPPRO) I have to configure it to automatically get an IP and DNS 192.168.1.1

    I noticed 2 VMNET1 and VMNET8 net network connections and the only way I can get an internet connection in XPPRO must be set to auto obtain IP address and set the leave blank DNS.

    Could someone point me in the right direction or give me the correct settings for correct, VM or physical network adapater? Is it possible to do what I'm asking? When I try to manage the workstation (XPPRO in VMPayer) of CD I get an error indicating the network address could not be found.

    Thanks in advance

    You must change the setting of the virtual machine, which is down by clicking on change settings, then the NIC in VMware player.  Click the top box for height.  You should leave the vmnet1 and 8 allowed because they are 'only' networks "NAT" for VMS host, you can run.  Technically you won't need to fade them however once you're on the network bridge because the virtual machine will use the physical card rather than the vmnet adapters.  I would like to know if using the bridged network solves your problem.  If it is not the case, you can disable the xp firewall if it is enabled.

    Kevin

  • I am unable to connect to the virtual pc Xp mode when I try to open a session given an error unable to connect to the domain that a domain controller is down or unavailable,

    I am unable to connect to the virtual pc Xp mode when I try to open a session given an error unable to connect to the domain that a domain controller is down or unavailable,

    Hi Rajendra Patil,

    I suggest you to ask your question on the TechNet Forums.

    Windows Virtual PC and XP Mode.

    http://social.technet.Microsoft.com/forums/en/w7itprovirt/threads

    I hope this helps!

  • P2V domain controller (for a test, the new virtual will not be connected to the network or used in production)

    I wanted to check that won't affect my physical domain controller by performing a P2V migration to this subject, we would like to P2V our current DC (in production) to put in our test environment, it's so we can simulate one pass from 2008 to 2012. I would just check that install VMWare converter and performing P2V migration on the active domain controller current WILL NOT affect our current physical machine.

    Can someone advise?

    DC and P2V = Don t do, since there is absolutely no guarantee that the DC P2Ved work. I had horrible experience during a migration of a data center to a new provider, the provider told us that P2V would be perfectly viable and that they had done several times. So ultimately they tested migration P2V, everything worked. Then, the day of the passage to the they did it again and AD did not come to the top. In the end we had to make a member server new rollback, as well as on the website of the provider and a classic dcpromo Setup does the job.

  • How to properly snapshot and return to a domain controller

    I have 4 x of domain controllers Windows 2003, which 2 are physical and 2 are virtual. I need to install the component of the IMU (for Unix identity management) on each of them.

    I would like to take a snapshot of one of the virtual domain controllers before you install the IMU component to restore if it causes problems.

    Does anyone know how to do this correctly?

    If I install the component on one of the domain controllers, to decide that it does not work as expected, restore the domain controller from the age of 1 hour and restart snapshot will there AD questions? Are there other measures that should be taken?

    Thank you!

    Hello.

    This approach might violate support with Microsoft.  It is possible, but think of the consequences of not having support on ad, before trying this.  I would personally have ready another DC and a good system state backup.

    "Active Directory does not support other methods to restore the contents of Active Directory. In particular, Active Directory does not support any method that restores a 'snapshot' of the operating system or is in the volume of the operating system disk. This kind of method causes a restore in the sequence of update (USN) number used to track changes in Active Directory. When a USN recovery occurs, the contents of data bases Active Directory on the incorrectly restored domain controller and its replication partners can be definitely incompatible"- MS 888794 kb

    Good luck!

  • Problem of VCB backup domain controllers

    I still do research the issue, it may or may not be true, but I was wondering if anyone had a DC using VCB backup problem. iSCSI connected proxy server.

    fact twice and twice (different days) I could NOT connect on two domain controllers. Event Viewer filled with the error logs related to DNS, ATN, time and many others. Restarting solves the problem.

    Someone at - it experience what that be like this?

    I would always advise against him. AD is a sensitive application and you should recover a domain controller virtual in the same way as a physical domain controller.  Using snapshots - enabed VSS or not, is not supported by MS, and you will have problems.

  • Best way to integrate a snapshot of long-term in a Win2k3 domain controller

    Hi all

    It seems that one of our virtual domain controllers works as a snapshot since November 2009. I wonder how better is there to take to solve this.

    First of all, a few details:

    -We miss ESX3.5 U4 in a cluster of Server-3 (business license)

    -The "instant DC" is a Win2k3 Standard 32-bit machine

    -We have 1 other virtual DC on the network (also hosted in the cluster), and 1 physical DC/Exchange server

    -Roles FSMO transferred yesterday from "SnapShot DC" to another virtual domain controller

    -DC 'Snapshot' is our DHCP, the primary DNS (physical DC/trading machine is our auxiliary DNS server) and file server / printing, as well as a catalog server Global (are therefore 2 other domain controllers)

    -"SnapShot DC" was P2V would last summer. The person who made the conversion did not take into account any special considerations for P2Ving a controller of domain, so we found ourselves in a State of a USN restoration that we had to get Microsoft to resolve in February of this year

    I've attached a screen-cap of the folder of the server data store.

    Can you recommend the best way to solve this problem?

    Hello and welcome to the forums.

    Wait until after hours, or maybe even a weekend and remove the snapshot on this domain controller.

    Good luck!

  • Physical to virtual clustering on vmware

    Hi all

    We plan to convert one of our (AD) domain controller in Virtual box, then must make grouping with another physical box (DHCP).

    Can someone help me on this...

    First need to know

    1 can we do clustering on physical Virtaul-bix in a windows environment. ?

    2. Keeeping (ADC) box of vmware domain controller is recommended... a... ? If so can we Virtaul virtual or physical to virtual clustering.

    Note: The controller (ADC) of area intended only DHCP enabled no specified ROLE on this.

    Thanks in advance

    Concerning

    Konate

    What do P2V ADC?

    This is a wrong approach

    AD is a database structure that could not be stopped on a running system.

    So the only way to make a coherent P2V, it is use a cold conversion (but you need the Enterprise Converter) or try to do it in Restore Mode Active Directory.

    André

  • VMWare converter on a domain controller that you want to resize partitions?

    Hello

    I read that you are not supposed to use VMWare converter on domain controllers because the domain controller is very sensitive to changes in material ranging from physical to virtual material involved.

    In fact, I have a few DCs 2003 (virtual) Server I want to upgrade to 2008 (also virtual) DCs, but they need more disk space.  I want to use VMWare converter to increase the disk size to allow the extra space taken up by Server 2008, but I wonder if this will not work because the VMWare converter does not like domain controllers.

    Is it still the concern to use VMWare Converter to "convert" essentially a virtual machine to another virtual machine that has more disk space on the partition of the OS?  I'll have to rebuild every fresh as Server Server 2008 domain controller and then transfer the roles via?

    Thank you.

    You don't need to run the converter... stop the 2003 domain controller.  Change the virtual machine to increase the size of the disk.  Fix the VMDK on a different VM like saying 'F drive '.  It boot up... run diskpart and extend drive "F".  Shutdown... Remove the extended DC drive of the virtual machine.  Then put on the DC... here's no wobbly thing done to the domain controller.

    All this should not take more than 3 minutes and no need to enter the command line (ok, other than the 2 lines of diskpart on BACK).

  • A virtualization domain controller error

    Hello

    I recently tried to PtoV, one of our Windows 2000 domain controllers.  This domain controller hosting the Infrastructure master FSMO role.   PtoV process seemed that it was successful.  I brought the physical domain controller, raise the server virtual and everything went well.  However, upon further research, I noticed that the NetLogon service has been suspended.  I managed to restart the service, and it has started successfully.

    The main problem is that I noticed that there is an error in replication now with our other physical domain controllers.  The error is below to:

    The following error occurred during an attempt to synchronize the domain controllers: the destination server rejects currently replication requests.

    Everyone knows about this problem before?  This happens all in trying to replicate from this domain controller virtual at ALL physical domain controllers.  I searched some knowledge bases and could not find anything that would relate to my environment.

    Thank you

    Marc

    Its best just to build a new DC on virtual material, promote and then out to the former.  If you do a p2v then transfer the roles first off and do a migration cold offline by using the bootable CD converter.

  • Questions, communicate with a Windows domain controller

    I thought at first my user had a problem with Keychain and had finally called Apple Tech Support.  While on the line with Apple, we proved that it was not a question of Keychain, but rather a problem of communication with a windows domain controller. The key elements are:

    * Multiple users and Macs are members of an Active Directory multi-domain forest

    * iMac is a 27-inch, mid-2011w / 8 GB RAM

    * OS X 10.11.2 (updated 10.11.3)

    * Question appears isolated to this iMac (currently). All other iMac, Macbook Pro and Mac Pro is currently very well, several VIRTUAL LANs, and a MacBook connected to the connection of network iMacs can communicate properly with the domain.

    * iMac seems not to contact no matter what domain controller when connecting, but connects to the resources of the network and domain controllers, after login. Permissions and access to the resources appear normal after login.

    * User (s) cannot change passwords for mobile accounts or login with new mobile accounts, but accounts/passwords cached work very well.

    * iMac uses Symantec EndPoint Protection for Mac (anti-virus) – REQUIRED BY THE POLICY.  I can't change.  I have come off for the test, but must replace as soon as the test is completed. This policy is set at a level about five grades of remuneration above me.

    * It isn't really everything off the coast of the wall software installs on the computer.  The full Adobe Creative Cloud subscription is responsible, but so it is on just about every other mac I support.

    The steps that have taken place:

    (1) about a month ago, the user went to change his password, but wouldn't go to change password at the login window.  We were able to change their password on the network and could use the new password to connect to the network Active Directory controlled resources. We can connect to resources network successfully with the new password, after we connect locally with the old password.

    (2) we get the red ball (the network resources are not available) to the login window. We are basically connecting with identification and passwords cached information.

    (3) if we try to change their password through the system preferences / users and groups / / password Chang, we get the message that no domain controller is available.

    (4) initially thought that it was a matter of trousseau, and we ended up calling Apple support, since Keychain first aid is no longer available in 10.11. Apple-Advisor while that remote, showed where it was not a question of Keychain because we could not change the password on the domain, because the iMac didn't communicate with a domain controller.

    (5) while on the phone with Apple, we reset SMC and NVRAM without success.

    (6) If you are going to untie the iMac in the domain, a message that the system cannot communicate with a domain controller.

    (7) today, thinking that maybe there was a hardware problem with the ethernet connection, tried to use the private WiFi network. Still would not communicate with a controller domain, but, as if using the wired, could connect to network resources. This happens independently attempted account.

    (8) used a MacBook on its network without any problem, it is not the connection port or switch

    (9) moved his iMac to another connection on one VLAN different. Same question.

    I'm open to suggestions. I have two days to work on this subject, around the planning of production of the user, while I'm off site for a week.

    10) thinking that maybe it was something that happened with 10.11.2, he improved to 10.11.3 today. No change.

    I don't want to try to clean and recharge its iMac, in the hope that this clears up the issue.

    ANY SUGGESTIONS?

    A few additional tests.

    (1) Symantec deleted using Symantec CleanWipe, without modification. Has been reinstalled after additional tests and a reinstallation of the operating system.

    (2) being ran reports, visualization and research now, but nothing is really coming out as noticeable. Only problem seems to be a helper of Adobe

    (3) use a bootable USB key and had no problem with the thumb drive version, this isn't somehow a hardware problem.

    4) entered the recovery partition and the re-installed El Capitan, in the hope that perhaps, is a pilot or something in the protocol stacks have been corrupt, a reinstall would correct. Reinstall has not corrected the problem.

    I'm really strongly leaning towards here is something in a plist or somewhere configuration file that is corrupted, but I don't know where this would be right now.  Will continue research and testing. Last resort will be a wipe up to bare metal and a clean install. I will not migrate the profile of the user, but only its working files.

  • 2012 R2 in Windows domain controller goes to three options when you restart in hyper-v, but cannot boot from any option

    After that creating a differencing disk (Windows 2012 R2 MSDN) that points to a virtual hard drive in windows that was Sysprep, I went through all the measures to promote a domain controller, but then I get 3 options, one to stop and connect to DC, two to repair, and three to stop this PC, the virtual machine does not restart to something else than these three options. I have also set up the IP address to be in the same subnet as the host gave the DNS the same thing as the vm and can ping a Web site ok, but cannot get the malicious windows package to get from windows update then nothing else before I did this PC a 2013 R2 domain controller.

    Any help would be gladly appreciated, as I did the same for 2008 a few years ago, no problem - learn everything MS 2013 if all goes well soon on this...

    Marc

    This issue is beyond the scope of this site (for consumers) and to be sure, you get the best (and fastest) reply, we have to ask either on Technet (for IT Pro) or MSDN (for developers)
    If you give us a link to the new thread we can point to some resources it

Maybe you are looking for

  • Do not synchronize the Android calendars

    I had this phone Moto E crap for awhile and for awhile, my laptop computer calendars and calendars synchronized locally using sync Android smooth for calendars.  However, lately and I don't know what has changed, it's a mess.  In particular, if I ent

  • How to use PHOTOS outside PHOTOS.

    My pictures are in PHOTOS, however, I would like to have access to them - for example to work with PhotoShop, or to have prints made at X. Suggestions?

  • Update 3 ATV

    My ATV 3rd generation is running the firmware 7.2.1. Today, I read that an update is available (8.x.x?) and of course in the settings, it proceeded to download an update. But after that it's over, under the heading to this topic still says 7.2.1. I t

  • When I right click a game why do I have the option to run it in administrator mode?

    I tried to fire up the game in administrator mode and I don't have that option or the ability to run in XP service pack 2, can help?

  • When I turn on Windows Defender I get error: 0 x 80070424.

    I try to use Windows Defender. When I turn it on I get an error message... Windows Defender encountered an error Ox80070424. The specified service does not exist as an installed service. Can someone help me with this problem?