Tuesday, August 14, 2007

Active Directory DC Virtualization?

OK, I believe that customers are testing and engineering with VMWare or Microsoft Virtual Server-based Active Directory domain controllers. But, are customers actually, really deploying virtualized Active Directory domain controllers in production environments???

I have yet to find a customer who said "Yes, we are!" (or maybe they don't want to admit it?)

Are you or do you know someone who has deployed virtualized Active Directory domain controllers in production?? I'd sure like to know if folks are doing that because they've overcome some of the FUD that's out there (below).
Microsoft does not test or support Microsoft software running in conjunction with non-Microsoft hardware virtualization software. For Microsoft customers who do not have a Premier-level support agreement, Microsoft will require the issue to be reproduced independently from the non-Microsoft hardware virtualization software. Where the issue is confirmed to be unrelated to the non-Microsoft hardware virtualization software, Microsoft will support its software in a manner that is consistent with support provided when that software is not running in conjunction with non-Microsoft hardware virtualization software.
Plus one has overcome specific statements Microsoft makes around backups (and other tools) as they relate to virtual machines...(not to mention the security worries!)
Domain controllers that are running in virtual machines must be backed up and restored only by using an Active Directory-compatible backup and restore application such as NTBackup.exe. Any other method of backing up and restoring .vhd files is not recommended. Specifically, you must absolutely ensure that no personnel make copies of .vhd files that represent deployed domain controllers for the purpose of deploying additional domain controllers or for restoring a failed domain controller by starting the .vhd copy.

Anonymous said...

Fortune 500 company here... running DC's on VMware esx.. absolutely!

Unknown said...

Wow, awesome. Well, if you'd be willing to answer a few questions I'd love to hook up with you!



Anonymous said...

I'm running virtualized DC's too, no problem.

Unknown said...

Thanks! Again, would love to ask some basic "research" questions if you'd be open to it!

Unknown said...

We have some production domain controllers running on ESX servers.

We don't manage them any differently than we manage production servers. We don't make copies of the VMWare files and we use standard backup software.

We make sure that we have physical boxes for Exchange and will be looking at 64 bit domain controllers for Exchange.

Anonymous said...

Running Active Directory and Exchange Server 2003 on VMServer and ESX Server. I still maintain atleast one Physical machine running Active Directory. Managing backups using standard NTBackup and Symantec Backup Exec. Starting transition for Exchange Server 2003 to Exchange Server 2007.

dimikagi said...

Customers I visit are willing to put in --some-- DCs in a virtualized environment, but no one is willing to commit all of their DCs to virtualization. Every client interested in this is still saying "we'll keep a few physical boxes around."

Anonymous said...

Yes - for latent spare Domain Controllers (one replicating at midnight and another at noon). Technically these servers are not providing production AD services to clients but are part of a production domain.