Posts Tagged ‘Domain Controller’

Virtualizing ALL Domain Controllers in a Cluster environment. Would you recommend?

April 19, 2012 2 comments

Would I recommend virtualizing All domain controllers on a Hyper-V Cluster?

My answer is : yes and NO.

1. Yes, for an home/test/demo deployment

2. Yes, for a multi-site cluster/single forest deployment, running multiples domain controllers

3. BIG NO, if it is an production environment running in one unique site and I will explain the reasons for that:

Root Domain Controller running on a Physical Hardware

Due the implementation of clustered Hyper-V, it is not recommended to virtualise all domain controllers. In case of connection lost to the Failover Cluster, it will fail to start as it cannot locate AD account for Cluster Hyper V Host. Microsoft Failover Cluster relies on Active Directory for authentication/authorization and it is a pre-requisite to setup failover cluster. That’s a serious matter and Microsoft released a very long articles about that.


–          “Always have at least one DC that is on physical hardware so that failover clusters and other infrastructure can start.”

             (Article ID: 888794 – Last Review: December 29, 2011 – Revision: 13.0)

–          Avoid creating single points of failure: Maintain physical domain controllers in each of your domains. This mitigates the risk of a virtualization platform malfunction that affects all host systems that use that platform.

             (Updated: April 11, 2011)
Note :  Although it is possible to minimize the risk by having the DC running as a standalone VM, on any Cluster Hyper V, Microsoft does not recommend to run standalone VM on a cluster Hyper V

How about you. What is your thoughts on this?

Recommended articles: