We're running a couple of DCs on ESX, and others on physical hardware. So far we haven't run into any problems.
You'll definitely want to watch performance to make sure that the clients are getting adequate response from the DCs. Of course, that applies to any DC and not just virtuals. IIRC, Microsoft doesn't support DCs running on VMWare. That may have changed recently, but it's something to consider as well. Your point about snapshot/disk image rollbacks is very important. Ironically, the only two hits I got from support.microsoft.com on "domain controller vmware" were about USN rollback. Check them out and make sure you have adequate controls in place to prevent this from happening. The USN rollback is really a subset of a larger (potential) problem: moving disk image files around is very easy, which means that anyone with access to the VMWare console has "physical" access to your domain controllers. Huge security implications there... Hunter -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of [EMAIL PROTECTED] Sent: Thursday, June 16, 2005 6:52 AM To: [email protected] Subject: [ActiveDir] Virtual Domain Controllers All, Is anybody currently running Domain Controllers in VMware of Virtual Server? Have there been any problems with this environment? There is a big push at my company to virtualize every environment but, I am sure Domain Controllers should be virtualized. One of my biggest concerns is the snapshot feature. I do not have full control over the Domain Controllers and I worry that another Admin will take a snapshot of the DC and make a few changes and if they don't work, revert to the snapshot before the changes. Wouldn't this be the same as using an older ghost image of the DC? I'm just looking for some feedback to see if this is a viable solution. List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
