Windows Server Q&A From Recent OEM Events Part 2

Another two cities visited, and more Q/A that are recurring themes…

When did Windows Server stop including base CALs?

This change was introduced in 2012 with Windows Server 2012 Standard and Datacenter editions

If I have two Windows Server 2012 R2 Standard host servers running Hyper-V with two VMs running on each server, can I move all four VMs onto a single server while performing maintenance on the other server?

No, from a licensing perspective this is not covered, as each copy of Windows Server 2012 R2 Standard is licensed to run two VMs, it's not an aggregate number that can run in any combination across all of the host servers. To allow for scenarios such as this to run within the licensing boundaries, you would need to have either stacked Windows Server 2012 R2 Standard licenses, or for larger deployments looked at where Datacenter's unlimited VM option becomes preferable.

Should I join my Hyper-V host to the domain?

There are some different schools of thought on this, but here is the Microsoft recommendation, which is yes, join the domain.

Hyper-V: Domain membership is recommended for servers running Hyper-V 

Why are there different opinions on this? The Microsoft recommendation is based on simplifying management, having the Hyper-V host as part of the domain. Domain joined instead of in a workgroup means that it is easier to manage and apply the appropriate security policies, updates, etc on, as opposed to a workgroup based approach which leaves the Hyper-V host isolated on the network with separated management duties. If you are using the RSAT tools for management, then the domain joined Hyper-V host also makes life easier when managing from a domain joined client.

Many of the recommendations to not join the domain are based on pre-2012 versions of Hyper-V and Windows Server Active Directory Domain Services, and if you have a management approach that takes the workgroup element into account in a single host server environment, you aren't going to miss the domain joined features such as Live Migration, Storage Migration and Shared Nothing Migrations that Windows Server 2012 R2 provides.

So this means that in some cases it really ends up being personal preference, but here are a few more Microsoft articles to help you decide…just remember that if you are looking for other articles to support/refute anything in this answer, also take into account the date the information was published, a good example is this article from 2008… The Domain Controller Dilemma

Virtualized Domain Controller Technical Reference – this is perhaps a bit deeper than you may need to go, but gives some good information on some of the under the cover changes to virtualised DCs.

Windows Server 2012 Hyper-V Best Practices (In Easy Checklist Form) – this one from Microsoft's Premier Field Engineering team gives the following nugget… "Host should be domain joined, unless security standards dictate otherwise. Doing so makes it possible to centralize the management of policies for identity, security, and auditing. Additionally, hosts must be domain joined before you can create a Hyper-V High-Availability Cluster. "

Running Domain Controllers in Hyper-V – take special note of the "Avoid creating single points of failure" section. In many single host SMB environments you are going to have to compromise, but it doesn't mean you can't find a workable solution.

Skip to main content