Last time I did this I kept the Hyper-V hosts OUT of the domain set the DNS to an off-site DNS server and fixed the IP to a reserved IP in the domain assigned to that machine. I then had only one physical DC but plans were in place to kill it off and make the domain servers all virtual once the build out and trusts could be migrated to 2008 were completed. The build out was finished but the trusts were still un-resolved at the time I left. If you must have the Hosts in the domain then I would strongly suggest there be at least one physical DC somewhere.
Jon On Fri, Jun 17, 2011 at 11:35 AM, Robert Peterson <[email protected]>wrote: > Thank you James… you make an interesting statement I wasn’t thinking > about.**** > > ** ** > > If it is our common practice to always have 2 or more hosts and their > guests running, would I still need the physical DC?**** > > ** ** > > *From:* James Brennan [mailto:[email protected]] > *Sent:* Friday, June 17, 2011 10:25 AM > *To:* Active Directory Admin Issues > *Subject:* RE: Replacing DCs with new Hyper-V "guest" DCs?**** > > ** ** > > DCs can be in Hyper-V cluster. Need to make sure that all virtual DCs > cannot be on the same physical machine at the same time, which you will do > by having them on separate clusters.**** > > The biggest gotcha, do not allow virtual DCs to get time from physical > hosts. DCs must be able to get their own time.**** > > If Hyper-V hosts are domain members, then there should be a separate > physical DC, so that Hyper-V hosts can authenticate when they are all > booting. **** > > ** ** > > *From:* Robert Peterson [mailto:[email protected]] > *Sent:* Friday, June 17, 2011 10:18 AM > *To:* Active Directory Admin Issues > *Subject:* Replacing DCs with new Hyper-V "guest" DCs?**** > > ** ** > > We have a good and maturing Hyper-V environment, multiple hosts with High > Availability (Failover Clusters available)**** > > ** ** > > Our current DCs… hard W2003 Servers, are ready to be replaced.**** > > Tried to do some Googling… but it looked a little sparse of information or > folks who have already moved to “virtual” DCs.**** > > ** ** > > Does anyone have some good links they’d share or experiences? **** > > ** ** > > I have (2) “clusters” of 2-Hyper-V hosts… 4 hosts in all. I am thinking a > DC on each host, but NOT in the “fail-over” cluster, just one individual > guest “DC” on each Hyper-V host. I would build the DCs as new 2008 servers. > **** > > ** ** > > Sure there is a lot more I need to be thinking about, appreciate any > feedback.**** > > Thx,**** > > Robert**** > > ~ NEW: CounterSpy Enterprise: Centralized Antispyware - #1 in eWEEK Test! ~ > ~ <http://www.sunbelt-software.com/product.cfm?id=400> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to [email protected] > with the body: unsubscribe ad-list**** > > ~ NEW: CounterSpy Enterprise: Centralized Antispyware - #1 in eWEEK Test! ~ > ~ <http://www.sunbelt-software.com/product.cfm?id=400> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to [email protected] > with the body: unsubscribe ad-list**** > > ~ NEW: CounterSpy Enterprise: Centralized Antispyware - #1 in eWEEK Test! ~ > ~ <http://www.sunbelt-software.com/product.cfm?id=400> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to [email protected] > with the body: unsubscribe ad-list > ~ NEW: CounterSpy Enterprise: Centralized Antispyware - #1 in eWEEK Test! ~ ~ <http://www.sunbelt-software.com/product.cfm?id=400> ~ After a lot of failed attempts by what's in the help file and by various suggestions, this is our new footer (btw unsubscribe by email is LAGGED and takes 5-10 minutes before it works): --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ad-list
