::: Virtual Aleph ::: Virtualization Techniques: EA6705: Lead Practices for Virtualizing Active Directory using vSphere

VMworld 2016 Banner

VMworld 2016 Banner
VMworld 2016 Barcelona

12 October, 2010

EA6705: Lead Practices for Virtualizing Active Directory using vSphere

@5.00PM ...
speaker Mr. chris Skinner

recap fornthe session

active directory virtualization is not magic.
A lot of customers have done and is doing successfully

the challenges you have to face in virtualizing AD are:
time sync
performances
replication
availability
disaster recovery

Sync forest PDC emulator with external startum 1 time source, childs sync with parents. Clock sync issues must be payed attention because, in misconfigured vm that' s doing nothing, time drift can happen and test demonstrates 1700 seconds drift on 18 hours of execution.

Performance on Domain Controllers are not really a problem 'cause CPU is used about <10%. Nevertheless is good to have plenty of RAM to cache all NTDS Database.
Network hints: dedicatena port group or an vSwitch to Active Directory processes such as replication.

Check replica with the replmon and repladmin tools. After deployment wait 24-36 hours to have a complete replica in very big environment.

Availability and DR: take normal system state back up. It's the only right way to get protected from a failure.
Do not P2V physical DC: add a VM and promote it to DC. then demote the physical one.
respect MS best practices in placing FSMO roles.
Do not snapshot DC and do not suspend them for long time.

\mf