There are some issues with virtualising DCs (e.g. you ever restore them from a snapshot) due to USN-rollback - something to consider.
Making the host OS part of the domain can assist with management (e.g. you can manage it using System Center Virtual machine Manager 2008), but you'd then need DCs for that domain somewhere else (it can be problematic attempting to do something on the host if your only DCs are virtualised on that host, and you can't get the DCs started for some reason). Exchange 2007 has significantly higher resource requirements than Exchange 2003 (as well as new role separation). Something else to consider. If you can get yourself a cluster + SAN, then my opinion is that you'd have a lot more options in terms of reducing downtime etc, as Hyper-V virtual machines are a clusterable resource Cheers Ken -----Original Message----- From: John Hornbuckle [mailto:[EMAIL PROTECTED] Sent: Saturday, 10 May 2008 4:41 AM To: NT System Admin Issues Subject: Virtualization on Server 2008 I mentioned in another thread that this summer I'm looking at migrating our first servers from Server 2003 to Server 2008, migrating from Exchange 2003 to 2007, and consolidating a couple of servers. Good times. I want to make use of server virtualization, which I've never played with before. My vision is to have a big central server for our organization that runs Exchange, our web sites, and handles FSMO roles in separate VMs. Any thoughts/input/caveats on this idea? We're a small organization--around 550 users. We currently have Exchange and our web sites running on the same physical server with no problems, and that server is 5 years old. It has more than enough horse power to handle these tasks, but is reaching the end of its life. Maybe there's no need to separate things into different VMs. I know that in the past, it wasn't considered a best practice to run Exchange on a DC. That's why I was looking at putting Exchange in its own VM, and then having a separate VM that is a DC and handles FSMO roles. But then, is there a need to put the DC and FSMO roles in its own VM vs. just being handled by the host OS? And my reason for running IIS in its own VM was for security--if some sort of exploit allows IIS to be hacked, the hacker would be isolated from other functions of the server. But maybe that's paranoia; I know IIS's and Windows' security have improved quite a bit from back when I first started cutting my teeth. John Hornbuckle MIS Department Taylor County School District 318 North Clark Street Perry, FL 32347 www.taylor.k12.fl.us ~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~ ~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~ ~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~ ~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~
