Since I have to prove it is OK to virtualize Domain Controllers (specifically 2012 DCs running on HyperV3), I came across this whitepaper by VMware:
http://www.vmware.com/files/pdf/Virtualizing_Windows_Active_Directory.pdf It had this section and I have not seen this info before (or maybe I haven't gotten to it yet in Brian's 5th Edition AD book). Have any of you ever done this? <quote> Making DNS Modifications The PDC Emulator FSMO role is very busy in an Active Directory infrastructure. In addition to playing the part of a domain controller and acting as the timekeeper for the domain, the PDC Emulator is responsible for processing password changes for its domain, authenticating failed password requests, and “emulating” a PDC for down-level servers such as NT 4.0 BDCs and clients. In addition, some legacy applications are still written to specifically contact the PDC of the domain. By modifying the weight and/or priorities of the DNS SRV records, you can relieve the load on the PDC Emulator. Simply direct logon authentications to specific domain controllers or away from the PDC Emulator. DNS Weight DNS weight uses a proportional system to distribute the requests among servers. The weight is actually an arbitrary value assigned to DNS SRV records to balance or distribute authentication requests among the domain controllers. By default, the assigned value is 100; reducing this value changes the proportional value relative to other servers so that a server with a lower value receives fewer requests. For example, if a DNS SRV record is lowered to 25 or 50 from a default of 100, it means that server will receive authentication requests 25 or 50 percent of the time in proportion to the others. DNS Priority DNS priority allows the administrator to inflate the DNS SRV record to a value so high, artificially, that it would be unlikely to receive a request unless no others are available to respond. By default, the value is set at 0. Setting priority extremely high, say 100 or 200, significantly reduces the chances the server will get the request. Adjusting Weight and Priority To adjust the weight and priority in a PDC Emulator, add to the following key: HKLM\System\CurrentControlSet\Services\Netlogon\Parameters • Set the LdapSrvWeight DWORD to a decimal value of 25 or 50. • Set the LdapSrvPriority DWORD decimal value to 100 or 200. Note that registry changes may require a reboot. These changes can also be performed directly through DNS Manager by simply double-clicking on the record, then adjusting. Using the weight and priority strategy is an excellent way to wean client requests away from the physical domain controllers and direct them to the virtual machine domain controllers. This will allow you to safely begin the decommissioning process of your physical domain controllers. </quote> Thanks Carl Webster Consultant and Citrix Technology Professional http://www.CarlWebster.com<http://www.carlwebster.com/>
