::: Virtual Aleph ::: Virtualization Techniques: EA6705: Lead Practices for Virtualizing Active Directory using vSphere

VMworld 2017 Banner

VMworld 2017 Banner
VMworld 2017 Las Vegas

12 October, 2010

EA6705: Lead Practices for Virtualizing Active Directory using vSphere

@5.00PM ...
speaker Mr. chris Skinner

recap fornthe session

active directory virtualization is not magic.
A lot of customers have done and is doing successfully

the challenges you have to face in virtualizing AD are:
time sync
disaster recovery

Sync forest PDC emulator with external startum 1 time source, childs sync with parents. Clock sync issues must be payed attention because, in misconfigured vm that' s doing nothing, time drift can happen and test demonstrates 1700 seconds drift on 18 hours of execution.

Performance on Domain Controllers are not really a problem 'cause CPU is used about <10%. Nevertheless is good to have plenty of RAM to cache all NTDS Database.
Network hints: dedicatena port group or an vSwitch to Active Directory processes such as replication.

Check replica with the replmon and repladmin tools. After deployment wait 24-36 hours to have a complete replica in very big environment.

Availability and DR: take normal system state back up. It's the only right way to get protected from a failure.
Do not P2V physical DC: add a VM and promote it to DC. then demote the physical one.
respect MS best practices in placing FSMO roles.
Do not snapshot DC and do not suspend them for long time.