New IT Concepts
Posted by Priyan Fernando

SUMMARY 

A virtual hosting environment lets you run multiple guest operating systems on a single host computer at the same time. Host software virtualizes resources that include the following:

  • CPU
  • Memory
  • Disk
  • Network
  • Local devices
By virtualizing these resources on a physical computer, host software lets you use fewer computers to deploy operating systems for test, for development, and in production roles. However, certain restrictions apply to the deployment of Active Directory domain controllers that run in a virtual hosting environment. These restrictions do not apply to a domain controller that runs on a physical computer. 

This article discusses the things to consider when a Microsoft Windows 2000 Server-based domain controller, a Windows Server 2003-based domain controller, or a Windows Server 2008-based domain controller runs in a virtual hosting environment. Virtual hosting environments include the following:  
  • Windows Server 2008 Virtualization with Hyper-V
  • Microsoft Virtual PC
  • Microsoft Virtual Server 2005
  • EMC VMware family of virtualization products
  • Novell family of virtualization products

MORE INFORMATION

Things to consider when you host domain controller roles in a virtual hosting environment

When you deploy an Active Directory domain controller on a physical computer, certain requirements must be satisfied throughout the domain controller's life cycle. The deployment of a domain controller in a virtual hosting environment adds certain requirements and considerations. These include the following:  
  • To help preserve the integrity of the Active Directory database if a power loss or another failure were to occur, the Active Directory service performs un-buffered writes and tries to disable the disk write cache on volumes hosting the Active Directory database and log files. Active Directory also attempts to work in this manner when installed in a virtual hosting environment.

    If the virtual hosting environment software correctly supports a SCSI emulation mode that supports forced unit access (FUA), un-buffered writes that Active Directory performs in this environment are passed to the host operating system. If forced unit access is not supported, you must disable the write cache on all volumes of the guest operating system that host the Active Directory database, the logs, and the checkpoint file.

    Notes
    • You must disable the write cache for all components that use Extensible Storage Engine (ESE) as their database format. These components include Active Directory, the File Replication Service (FRS), Windows Internet Name Service (WINS), and Dynamic Host Configuration Protocol (DHCP). 
    • As a best practice, consider installing uninterruptable power supplies on VM hosts.
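As an added example (not part of the original article), the following PowerShell locates the volumes that hold the AD database, the logs and the checkpoint file from the NTDS registry values and reports the write-cache state of the disks behind them. It assumes the Storage module cmdlets Get-Partition, Get-Disk, Get-PhysicalDisk and Get-StorageAdvancedProperty are available (Windows Server 2016 or later; on the 2003/2008 systems the article covers, check Device Manager, disk, Policies tab instead) and that it runs elevated on the DC. Inside a guest it reports the virtual disk's cache setting; whether the hypervisor honours FUA for that disk is a separate check on the host.

```powershell
# Added example, not from the KB article. Requires the Storage module
# (Windows Server 2016 or later) and an elevated prompt on the DC.
$ntds = Get-ItemProperty 'HKLM:\SYSTEM\CurrentControlSet\Services\NTDS\Parameters'

# ESE keeps the checkpoint file (edb.chk) in the log folder, so the log path covers it too
$files = [ordered]@{
    'Database (ntds.dit)' = $ntds.'DSA Database file'        # e.g. C:\Windows\NTDS\ntds.dit
    'Logs and checkpoint' = $ntds.'Database log files path'  # e.g. C:\Windows\NTDS
}

# Distinct drive letters behind those paths
$letters = $files.Values | ForEach-Object { (Split-Path -Qualifier $_).TrimEnd(':') } | Sort-Object -Unique

foreach ($letter in $letters) {
    # Walk volume -> partition -> disk -> physical disk to read the cache policy
    $partition = Get-Partition -DriveLetter $letter
    $disk      = Get-Disk -Number $partition.DiskNumber
    $physical  = Get-PhysicalDisk | Where-Object { $_.DeviceId -eq [string]$disk.Number }
    $cache     = $physical | Get-StorageAdvancedProperty

    $holds = ($files.GetEnumerator() | Where-Object { $_.Value -like "${letter}:*" } | ForEach-Object Key) -join ', '

    # Write cache on, with no battery/flash protection, is the case the article warns about
    $action = 'OK'
    if ($cache.IsDeviceCacheEnabled -and -not $cache.IsPowerProtected) {
        $action = 'Disable write caching on this disk (Device Manager > disk > Policies) or confirm FUA passthrough'
    }

    [pscustomobject]@{
        Volume            = "${letter}:"
        Holds             = $holds
        WriteCacheEnabled = $cache.IsDeviceCacheEnabled
        PowerProtected    = $cache.IsPowerProtected
        Action            = $action
    }
}
```

Run it on each virtualized DC after the guest is built and again after any change to the virtual disk configuration; a disk that reports the write cache enabled without power protection is exactly the case in which a power loss can corrupt the ESE database.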

  • An Active Directory domain controller is intended to run continuously from the moment it is installed. Once the domain controller is started, end-to-end replication of Active Directory must occur. Make sure that every domain controller performs inbound replication of all locally held Active Directory partitions according to the schedule defined on site links and connection objects, and in any case within the number of days specified by the tombstone lifetime attribute.

    If inbound replication does not occur, the following Error event may be logged in the Directory Service log:
    Event ID: 2042
    Source: NTDS Replication
    Type: Error
    Description: It has been too long since this machine last replicated with the named source machine. The time between replications with this source has exceeded the tombstone lifetime. Replication has been stopped with this source.
    When this replication does not occur, the contents of the Active Directory databases on domain controllers in the forest may become inconsistent, because knowledge of a deletion is kept (as a tombstone) only for the tombstone lifetime number of days. A domain controller that does not inbound-replicate Active Directory changes, directly or transitively, within a rolling tombstone-lifetime window ends up with lingering objects: objects that an administrator, a service, or the operating system intentionally deleted but that still exist on the destination DC that did not replicate in time. Cleaning up lingering objects can be very time-consuming, especially in multi-domain forests with many domain controllers.
  • When a domain controller runs in a virtual hosting environment, do not pause (suspend) the domain controller for long periods before you resume the operating system image. If the domain controller stays paused long enough for the tombstone lifetime to be exceeded, replication with it is stopped, the same Event ID 2042 from NTDS Replication shown above is logged in the Directory Service log, and lingering objects result.
  • An Active Directory domain controller requires regular system state backups to recover from user, hardware, software, or environmental problems. The default useful life of a system state backup is 60 or 180 days, depending on the operating system version and service pack level in effect when the forest was created. This useful life is controlled by the tombstone lifetime attribute in Active Directory. At least one domain controller in every domain in the forest should be backed up every tombstone lifetime number of days.

    In a production environment, you should make system state backups from two different DCs on a daily basis.
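The two preceding points, replication age and backup age, are both bounded by the same number, the tombstone lifetime. As an added example that is not part of the original article, the following PowerShell reads tombstoneLifetime from the Directory Service object, compares each inbound partner's last successful replication against it, looks for Event 2042, and checks the age of the last Windows Server Backup system state backup. It assumes the ActiveDirectory module (RSAT) and the WindowsServerBackup module (Windows Server 2008 R2 or later) and runs on the DC itself; the warning threshold of half the tombstone lifetime is my choice, not a Microsoft value, and the E: backup target is a placeholder.

```powershell
# Added example, not from the KB article. Needs the ActiveDirectory module (RSAT)
# and, for the backup check, the WindowsServerBackup module; run on the DC itself.
Import-Module ActiveDirectory

$dc      = $env:COMPUTERNAME
$rootDse = Get-ADRootDSE
$dsSvc   = Get-ADObject "CN=Directory Service,CN=Windows NT,CN=Services,$($rootDse.configurationNamingContext)" -Properties tombstoneLifetime

# tombstoneLifetime is unset in forests created before Windows Server 2003 SP1; the effective default is then 60 days
$tsl = if ($dsSvc.tombstoneLifetime) { [int]$dsSvc.tombstoneLifetime } else { 60 }
"Tombstone lifetime: $tsl days"

# 1. Inbound replication age per partner and partition. WARN at half the TSL (my threshold,
#    not a Microsoft value) leaves time to fix the problem before Event 2042 stops replication.
$warnDays = [math]::Floor($tsl / 2)
Get-ADReplicationPartnerMetadata -Target $dc -Scope Server -PartnerType Inbound | ForEach-Object {
    $last = $_.LastReplicationSuccess
    $days = if ($last) { ((Get-Date) - $last).TotalDays } else { [double]::PositiveInfinity }
    $status = if ($days -ge $tsl) { 'STOPPED (beyond TSL)' } elseif ($days -ge $warnDays) { 'WARN' } else { 'OK' }
    [pscustomobject]@{
        Partition  = $_.Partition
        Partner    = ($_.Partner -split ',')[1] -replace '^CN='   # server name out of the NTDS Settings DN
        DaysSince  = [math]::Round($days, 1)
        LastResult = $_.LastReplicationResult                   # 0 = success
        Status     = $status
    }
} | Format-Table -AutoSize

# 2. Event 2042 means replication from a partner has already been stopped for exceeding the TSL
Get-WinEvent -FilterHashtable @{ LogName = 'Directory Service'; Id = 2042 } -MaxEvents 5 -ErrorAction SilentlyContinue |
    Select-Object TimeCreated, Message

# 3. Age of the last system state backup taken with Windows Server Backup. A backup older
#    than the TSL is no longer restorable, so it should never get close to that age.
Import-Module WindowsServerBackup -ErrorAction SilentlyContinue
$summary = Get-WBSummary -ErrorAction SilentlyContinue
if ($summary -and $summary.LastSuccessfulBackupTime -gt [datetime]::MinValue) {
    $backupDays = ((Get-Date) - $summary.LastSuccessfulBackupTime).TotalDays
    if ($backupDays -ge $warnDays) {
        Write-Warning ("Last successful backup is {0:N0} days old (TSL {1}); take a new system state backup:" -f $backupDays, $tsl)
        Write-Warning '  wbadmin start systemstatebackup -backupTarget:E: -quiet   # E: is a placeholder target'
    } else {
        "Last successful backup: {0:N1} days ago" -f $backupDays
    }
} else {
    Write-Warning 'No successful Windows Server Backup recorded on this DC.'
}
```

Schedule this on at least two DCs per domain: the replication table tells you which partners are drifting toward the 2042 condition, and the backup check enforces the "every tombstone lifetime number of days" requirement instead of relying on someone remembering it.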
  • Configure DNS Client settings correctly on host and guest computers

    In an effort to boot with the latest zone contents, the Microsoft DNS Server service waits 15 or more minutes for Active Directory to inbound replicate before loading an AD-integrated DNS zone.

    Configuring DC guests to point to themselves as the primary DNS server causes domain controllers to hang while applying network connections during OS startup. Virtualized domain controllers should point to one or two reliable off-box DNS servers to ensure faster OS startup.

    Similarly, virtual host computers should point to one or two off-box DNS Servers for name resolution. Virtual host computers should not point to virtualized DNS Server running on the local virtual host computer.

    For more information, see MSKB article 2001093: Troubleshooting DNS Event ID 4013: The DNS server was unable to load AD integrated DNS zones.
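As an added example (not from the article), the following PowerShell audits the DNS client configuration of a virtualized DC or of the virtual host and, with -Fix, repoints any offending interface at off-box DNS servers. It assumes the DnsClient and NetTCPIP modules (Windows Server 2012 or later); the two addresses in $OffBoxDns are placeholders for your own reliable off-box DNS servers, which on a host must not be a guest running on that same host.

```powershell
# Added example, not from the KB article. Works on a virtualized DC guest or on the
# virtual host; the default addresses are placeholders for two off-box DNS servers.
param(
    [string[]]$OffBoxDns = @('10.0.0.11', '10.0.0.12'),   # assumed example addresses
    [switch]$Fix
)

# Every address that means "this machine": loopback plus all IPv4 addresses bound here
$selfAddresses = @('127.0.0.1', '::1') + @(Get-NetIPAddress -AddressFamily IPv4 | ForEach-Object IPAddress)

$problems = foreach ($cfg in Get-DnsClientServerAddress -AddressFamily IPv4) {
    if (-not $cfg.ServerAddresses) { continue }   # interface with no DNS servers configured
    $first = $cfg.ServerAddresses[0]
    if ($selfAddresses -contains $first) {
        [pscustomobject]@{
            Interface = $cfg.InterfaceAlias
            Primary   = $first
            Issue     = 'First DNS server is this machine; AD-integrated zones load only after inbound replication, so startup can stall'
        }
    }
}

if (-not $problems) {
    'DNS client settings OK: no interface lists a local address as its first DNS server.'
    return
}
$problems | Format-Table -AutoSize

if ($Fix) {
    foreach ($p in $problems) {
        # Replace the list with the off-box servers only, as the article recommends
        Set-DnsClientServerAddress -InterfaceAlias $p.Interface -ServerAddresses $OffBoxDns
        "Repointed $($p.Interface) to $($OffBoxDns -join ', ')"
    }
    Register-DnsClient   # re-register this machine's own records with the new servers
}
```

Run it read-only first; the report shows which interface is self-referencing, which is the condition behind the startup hang and the DNS Event 4013 the article points to.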
  • To roll back the contents of Active Directory to a previous point in time, restore a valid system state backup. A system state backup can be restored up to the tombstone lifetime number of days after the backup was performed. The backup must have also been made on the same operating system installation as the operating system that you are restoring.

    Active Directory does not support other methods to roll back the contents of Active Directory. In particular, Active Directory does not support any method that restores a "snapshot" of the operating system or of the disk volume the operating system resides on. This kind of method causes a rollback in the update sequence number (USN) used to track changes in Active Directory. When a USN rollback occurs, the contents of the Active Directory databases on the improperly restored domain controller and its replication partners may be permanently inconsistent.

    Events and errors logged during a USN rollback include:

    Event 2103: The Active Directory database has been restored using an unsupported restoration procedure
    Error 8456: the source server is currently rejecting replication requests
    Error 8457: The destination server is currently rejecting replication requests

    For the same reasons, Active Directory domain controllers do not support using "undo" and "differencing" features in Virtual PC on operating system images for domain controllers that run in virtual hosting environments.

    For more information on USN rollbacks, see:

    MSKB 875495: How to detect and recover from a USN rollback in Windows Server 2003
    Appendix A: Virtualized domain controllers and replication issues
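As an added example (not from the article or MSKB 875495 itself), the following PowerShell collects the USN rollback indicators on the local DC: the "Dsa Not Writable" value that NTDS sets to 4 when it detects a rollback and quarantines the DC, Event 2103, partners returning 8456/8457, and the local invocationId and highestCommittedUSN needed for the repadmin /showutdvec cross-check against partners. It assumes the ActiveDirectory module (RSAT) and an elevated prompt on the DC being checked.

```powershell
# Added example, not from the KB article. Run elevated on the DC being checked.
Import-Module ActiveDirectory
$dc = $env:COMPUTERNAME
$findings = @()

# 1. When NTDS detects a rollback it quarantines the DC and sets this value to 4
#    (it also disables inbound/outbound replication and pauses Netlogon, see MSKB 875495)
$params = Get-ItemProperty 'HKLM:\SYSTEM\CurrentControlSet\Services\NTDS\Parameters'
if ($params.'Dsa Not Writable' -eq 4) {
    $findings += '"Dsa Not Writable" = 4 in the NTDS Parameters key: NTDS has detected a USN rollback'
}

# 2. Event 2103 in the Directory Service log (database restored with an unsupported procedure)
$ev = Get-WinEvent -FilterHashtable @{ LogName = 'Directory Service'; Id = 2103 } -MaxEvents 1 -ErrorAction SilentlyContinue
if ($ev) { $findings += "Event 2103 logged at $($ev.TimeCreated)" }

# 3. Replication partners refusing requests: 8456 = source rejecting, 8457 = destination rejecting
Get-ADReplicationPartnerMetadata -Target $dc -Scope Server -PartnerType Both |
    Where-Object { $_.LastReplicationResult -in @(8456, 8457) } |
    ForEach-Object { $findings += "Partner $($_.PartnerAddress), partition $($_.Partition): result $($_.LastReplicationResult)" }

# 4. Data for the cross-check against partners' up-to-dateness vectors. If a partner holds a USN
#    for this DC's invocationId that is higher than highestCommittedUSN below, this DC has been
#    rolled back even when steps 1-3 have not fired yet (NTDS only notices at the next replication).
$rootDse      = Get-ADRootDSE
$invocationId = [guid](Get-ADObject $rootDse.dsServiceName -Properties invocationId).invocationId
"InvocationId        : $invocationId"
"highestCommittedUSN : $($rootDse.highestCommittedUSN)"
"Compare with: repadmin /showutdvec <partnerDC> ""$($rootDse.defaultNamingContext)"""

if ($findings) {
    Write-Warning 'Possible USN rollback on this DC:'
    $findings | ForEach-Object { Write-Warning "  $_" }
} else {
    'No USN rollback indicators found on this DC.'
}
```

The registry value is the authoritative sign: once it is 4, the DC must be forcibly demoted and rebuilt, or recovered with a supported system state restore, exactly as MSKB 875495 describes; re-enabling replication by hand only spreads the inconsistency.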
  • Performance considerations

    The peak and steady-state load generated by a collection of VM guests should not exceed the capabilities of the virtual host computer and network infrastructure. Specifically, the collection of VM guests should not exceed the CPU, disk subsystem, memory, and network bandwidth of the common host computer. Some load scenarios exceed what a DC on a single physical computer can service, so multiple physical or virtual computers may be required.

    Load and criticality may dictate that some roles be deployed on physical hardware.
    • Global Catalogs - Evaluate whether the Exchange-facing Global Catalogs in your deployment should be deployed on VMs or on physical hardware.
    • FSMO roles - The load for FSMO roles is fairly light except for the PDC emulator. (The PDC emulator receives password updates for users, computers, and trusts following password changes.) Additionally, the PDC emulator is consulted by remote DCs when users or computers log on with mismatched passwords.

      The RID and Schema FSMO availability are used infrequently, but they are critical under certain circumstances. 
    • DNS Server – Both the DNS client and the DNS Server cache queries. DNS Servers perform best when sufficient memory is available to cache the contents of DNS zones. The loading of AD-integrated zones is delayed until Active Directory first inbound replicates. The DNS Client settings on a DNS Server should point to multiple DNS Servers that can resolve the CNAME records of replication partners to their IP addresses.
  • Avoid single points of failure

    The same rules that apply to a domain controller that is running on physical hardware also apply to deployments on virtual machines. In an optimal deployment, the domain controllers in a common domain or forest should be staged across physical and virtual hosts, different VM hosts, in different racks, on different VLANS and power grids, in different data centers, in different regions of the world, and in different failover clusters.

    You may lose an entire domain or forest if the hard drive hosting all of the virtualized DC files fails.
  • Virtualized DCs in clustered hosts 
    In order for the nodes, disks and other resources on a clustered computer to auto-start, authentication requests from the clustered computer must be serviced by a DC in the cluster computer's domain.

    To ensure that such a DC exists during cluster OS startup, deploy at least two domain controllers in the clustered host computer's domain on physical hardware. The physical DCs should be kept online and be network accessible (in DNS, and over all required ports and protocols) to the clustered hosts. If the only DCs that can service authentication requests during cluster startup reside on a cluster computer that is being restarted, authentication requests will fail and manual recovery steps will be required to make the cluster operational.

    Virtualized DCs may be placed on Cluster Shared Volumes (CSV) or on non-CSV volumes. CSV disks cannot be brought online until authentication requests have been serviced by Active Directory. Non-CSV disks can be brought online without authentication. Because non-CSV disks can be brought online more easily, Microsoft recommends that the files for virtualized domain controllers be placed on non-CSV disks.

    Note: Always have at least one DC that is on physical hardware so that failover clusters and other infrastructure can start. When you host domain controllers on virtual machines that are managed by Windows Server 2008 R2 or by Hyper-V Server 2008 R2, we recommend that you store the virtual machine files on cluster disks that are not configured as Cluster Shared Volumes (CSV) disks. This allows for easier recovery in specific failure situations. If there is a site failure or a problem that causes the whole cluster to crash and the DC on physical hardware is not available, storing the virtual machine files on a non-CSV cluster disk should enable the cluster to start. In this situation, the disks that are required by the virtual machine can be brought online. This will let you start the virtual machine that hosts the domain controller. Then, you can bring CSV disks online and start other nodes. This process is required only if there are no other domain controllers available at the time that the cluster is started.
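As an added example (not from the article), the following PowerShell runs on a clustered Hyper-V node and flags virtual machines whose configuration folder or virtual hard disks live on a Cluster Shared Volume, which is the placement the note above advises against for domain controllers. It assumes the Hyper-V and FailoverClusters PowerShell modules (Windows Server 2012 or later hosts; a 2008 R2 host has no Hyper-V module and would need the equivalent WMI queries). The host cannot tell which guests are domain controllers, so the $DcVmNames parameter is a placeholder list you supply.

```powershell
# Added example, not from the KB article. Run on a clustered Hyper-V node.
param([string[]]$DcVmNames = @('DC01', 'DC02'))   # assumed names of the DC guests on this cluster

Import-Module Hyper-V
Import-Module FailoverClusters

# Mount points of the CSVs on this node (default C:\ClusterStorage\VolumeN); fall back to the default root
$csvRoots = @('C:\ClusterStorage\')
try {
    $csvRoots = @((Get-ClusterSharedVolume -ErrorAction Stop).SharedVolumeInfo.FriendlyVolumeName |
                  ForEach-Object { $_.TrimEnd('\') + '\' })
} catch { }

Get-VM | ForEach-Object {
    $vm = $_
    # Everything the VM needs in order to start: its configuration folder plus every attached VHD/VHDX
    $paths = @($vm.ConfigurationLocation) + @(Get-VMHardDiskDrive -VM $vm | ForEach-Object Path)
    $onCsv = foreach ($p in $paths) { foreach ($root in $csvRoots) { if ($p -like "$root*") { $p } } }
    $isDc  = $DcVmNames -contains $vm.Name

    $advice = if ($isDc -and $onCsv) {
        'Move to a non-CSV cluster disk: CSV cannot come online until a DC answers authentication'
    } elseif ($isDc) {
        'OK (non-CSV storage)'
    } else { '' }

    [pscustomobject]@{
        VM     = $vm.Name
        IsDC   = $isDc
        OnCSV  = [bool]$onCsv
        Advice = $advice
        Paths  = ($paths -join '; ')
    }
} | Format-Table -AutoSize
```

Pair this with the physical-DC requirement: even with every DC guest on non-CSV storage, the cluster still needs a DC that does not depend on the cluster to start in the normal case, which is why at least one DC per domain should stay on physical hardware.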



  • Make a list of the hotfixes that must be installed on the domain controller that runs in the virtual hosting environment.

    We recommend that you install either Windows Server 2003 Service Pack 1 or the 875495 hotfix on all Windows Server 2003 domain controllers. On a Windows 2000 Server-based domain controller, install the 885875 hotfix. For more information about Windows Server 2003 Service Pack 1, click the following article number to view the article in the Microsoft Knowledge Base:
    889100  How to obtain the latest service pack for Windows Server 2003
    For more information about the 875495 hotfix, click the following article number to view the article in the Microsoft Knowledge Base:
    875495  How to detect and recover from a USN rollback in Windows Server 2003
    For more information about the 885875 hotfix, click the following article number to view the article in the Microsoft Knowledge Base:
    885875  How to detect and recover from a USN rollback in Windows 2000 Server

    To view the "Running Domain Controllers in Virtual Server 2005" white paper, visit the following Microsoft website:
    The third-party products that this article discusses are manufactured by companies that are independent of Microsoft. Microsoft makes no warranty, implied or otherwise, regarding the performance or reliability of these products.
