Personally I have never been comfortable with allowing users access to a DC for any reason other than the purpose the DC is for. Allowing a DC as a file server is just asking for trouble and on a 2003 having print server is just asking for multiple restarts if there are printing issues. Both belong on another machine. Jon From: jnat...@hotmail.com To: ntsysadm@lists.myitforum.com Subject: RE: [NTSysADM] RE: P2V DC Date: Thu, 5 Jun 2014 19:00:50 -0400
+1 new DC, DCPROMO, old DC demote, and export / import print servers (assuming there are dozens or hundreds) otherwise recreate Jean-Paul Natola From: standl...@net-venture.com To: ntsysadm@lists.myitforum.com Subject: [NTSysADM] RE: P2V DC Date: Thu, 5 Jun 2014 22:14:56 +0000 One of the DCs is file/print/DNS, the other is a DC/DNS server, it also had Exchange 2003 but that was migrated off to a new 2010 server a while back. I see the reason for what you’re suggesting and the only arguments I can come up with is that P2V would save me from having to reconfigure client device IP settings, and building the new DC. I guess it boils down to whether or not I’m willing to take the risk of something going wrong with the conversion. Thanks. From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On Behalf Of Webster Sent: Thursday, June 05, 2014 2:50 PM To: ntsysadm@lists.myitforum.com Subject: [NTSysADM] RE: P2V DC Why? Is this server a DC only and runs nothing but DC type functions? If so, bring up a new VM and DCPromo it. Thanks Webster From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On Behalf Of Neil Standley Sent: Thursday, June 05, 2014 4:40 PM To: ntsysadm@lists.myitforum.com Subject: [NTSysADM] P2V DC I’ve been reading up regarding P2V of Domain controllers (2003 R2 SP2 in this case) and I think I have it down but wanted to get some feedback from the collective before setting forth on my project. Following the recommendations from the articles below, my understanding is that I should: a. Perform an Offline conversion. Both DCs would be powered off at the completion of the conversion process. b. Disable time sync between the virtual DC and the virtual host. In this case I’m using VMware Essentials 5.5 U1 – Note this is already done. c. Never connect the original, physical DC to my network again to avoid USN rollback. http://blogs.technet.com/b/askds/archive/2010/06/10/how-to-virtualize-active-directory-domain-controllers-part-21.aspx http://blogs.technet.com/b/askds/archive/2010/06/10/how-to-virtualize-active-directory-domain-controllers-part-2.aspx http://www.sole.dk/virtualizing-your-domain-controllers-without-getting-fired/ Is it really this simple? I feel like there’s a gotcha out there waiting to bite me real hard. Any suggestions or pointers to additional reading is much appreciated.
