Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations SkipVought on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

making a VM out of my Windows domain controllers, creating new domain

Status
Not open for further replies.
blade10

blade10

IS-IT--Management
Feb 2, 2008
144
0
0
US
All-

If I am in the wrong forum I also posted to Win2k server grp so I hope I'm not imposing on the wrong forum but this (technical connundrum) does require vm answers.

Here's my inquiry

I have a good working AD schema with an empty root and two child domains in NY... we have a separate DR site that has a few Windows servers, an ESX VC environment with more Windows servers.. right now there is a trust between my AD structure in NY and this separate DR site so that technicians can rdp to certain servers and the ESX V.Center using the VI client and RDP.

Well.... I would like to create a proper domain at the DR and virtualize it. Has anyone here attempting making a VM out of the 2 top FSMO forest role DC and separately the domain wide role DCs also VM's and perhaps redeployed them somewhere else without any issues?

I suppose what I need is to VM my current domain controllers in NY and use the templates to create another domain structure at the other DR site then issuing a one way trust from the new Trusting domain (the DR site) to the trusted site (Our current AD site in NY).

If anyone has done this please let me know of pros and cons.... or would it be easier to create an ISO of a Windows 2003 server CD and just start clean.. I would need to join all the VM's and small amount of physical servers at the DR site to the new Domain regardless..

Any support with this would be greatly appreciated

blade
 
Sort by date Sort by votes
You won't be able to P2V your existing DC's and rename them (it causes all sorts of issues).

As far as virtualising a DC in a VMware environment then you have nothing to worry about, as long as your Host box has plenty of ram and cpu power in it then you are able to run AD without a problem.

FYI I ran an entire AD \ SCCM infrastructure on VMware without issue and we also had Microsoft onsite building up an environment with much more in it on VMware, again without issue.

Just as long as you sort out your routing between the Host and the rest of the network then you will be able to create the trust relationship.

VM all the way baby.

Simon

The real world is not about exam scores, it's about ability.

 
Upvote 0 Downvote
You cannot P2V a DC because it has to be turned off. The reason is, there is no write cache on a DC, so P2V will cause errors when you move a running DC. Recommend building a new DC and migrating your roles to it.
 
Upvote 0 Downvote
I'll differ slightly from TechyMcSe2k's answer in that you could P2V the DC if you have a secondary one available or do it when no one is working. With Windows 2000 you WILL have to reboot the machine before after installing the P2V tools to begin the process. Just know that up front.

If you have the time to do all the set up, starting clean is always a plus, you can clean up any messes on an older domain especially if you took it over from someone else. If not, I'd agree with Simon, P2V your DC's. Just remember if you have more than one DC in the same environment to set up roles to keep them from being on the same hardware at the same time. Just in case the worst case happens.

The old admin for the company I am at now used our domain as his testing grounds when he was trying to get his MCSE, it was a total mess by the time I took it over. So worth building a new domain.

Cheers
Rob

The answer is always "PEBKAC!
 
Upvote 0 Downvote
thanks to all!

I think I will start clean, the previous engineer stated there is a template of a window 2k3 dc already created which he stated he tested and looked good.. so no duplicate sid nor any other "gotchas" should persist...

thank you all for your info and if there are any other potential gotchas you'd like to assess before I begin, please let me know

thanks again

blade
 
Upvote 0 Downvote
ArizonaGeek-

I have decided to start clean, built the vm from win2k3 disk. At this point... run dcpromo? do I need to run adprep since this will be the first DC in the new forest? how can I make this an empty root which is what MS best practice suggests..

any info or url links would be greatly appreciated as I am eager to start the whole thing

Happy Holidays!!
blade
 
Upvote 0 Downvote
Just run dcpromo and choose New Domain or something like that... too early... to rem.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

msk69
  • Locked
  • Question
VMWare 6.5
Replies
1
Views
71
biglebowski
biglebowski
Matt B
  • Locked
  • Question
Moving VM to new datastore failed, now vmdk files not found error
Replies
1
Views
131
John2Evans
John2Evans
bfordz
  • Locked
  • Question
need to add another VM to current ESXi HDD
Replies
2
Views
83
bfordz
bfordz
Tosu
  • Locked
  • Question
configure vmware player network
Replies
0
Views
64
Tosu
Tosu
nakivo
  • Locked
  • Question
Convert VHD to VMDK?
Replies
0
Views
53
nakivo
nakivo

Part and Inventory Search

Sponsor

Back
Top