Following on from File Server and Web Server migration, today's focus is on Active Directory migration recommendations from the Migration Planning Assistant.
Virtualizing Active Directory Domain Services
Consider the following guidelines when virtualizing Active Directory Domain Services:
- Installation: You can install a Windows Server domain controller as a virtual machine, along with other application servers, on a single physical Windows Server 2012 R2 server.
- Virtualized domain controller cloning: Windows Server 2012 R2 introduces virtualized domain controller cloning. In earlier Windows Server editions, domain controllers running within a virtual machine were unaware of their virtual state. This made processes like cloning and restoring virtual machine snapshots potentially dangerous because changes could occur to the operating system environment that the domain controller did not expect.
- Safe backup and restore: Rolling back to a previous snapshot of a virtualized domain controller is problematic because Active Directory Domain Services uses multi-master replication that relies on transactions being assigned numeric values, or update sequence numbers (USNs). The virtualized domain controller tries to assign USNs to prior transactions that have been assigned to valid transactions, which causes inconsistencies in the Active Directory Domain Services database. Starting with Windows Server 2003, Windows Server operating systems implement a process called USN rollback protection. It ensures that the virtualized domain controller does not replicate; it must be demoted forcibly or restored manually. Further, Windows Server 2012 detects the snapshot state of a domain controller, and then synchronizes or replicates the delta of changes between a domain controller and its partners for Active Directory Domain Services and the SYSVOL. This allows you to use snapshots without the risk of permanently disabling domain controllers or requiring manual forced demotion, metadata cleanup, and re-promotion.
- Physical security: Remember that you must also ensure the maintenance of physical security for your host computer. The VHD that contains the virtualized domain controller stores sensitive information, and compromising this data can create significant additional work for your organization.
Virtualizing DHCP Servers
You should consider virtualizing DHCP servers as part of a server consolidation effort. Because they have low resource utilization, DHCP servers are good candidates for virtualization. You can cohost multiple services on the same virtual server, such as DHCP, DNS, and Active Directory Domain Services.
Upgrade on new hardware
Hardware requirements define the minimum hardware required to run the Windows Server 2012 R2 server, but your actual hardware requirements might be greater, depending on the server’s load and responsiveness and the services that it hosts. Each role service and feature places a unique load on network, disk I/O, processor, and memory resources. For example, the File Server role places different stresses on server hardware than the DHCP role does.
Confirm that running this workload on a physical server is required. Running workloads as Virtual Machines offer more flexibility and tend to be more cost effective
Upgrade on virtual machine
Windows Server 2012 R2 can be deployed on a virtual machine in your Microsoft Hyper-V or other hypervisor environment for increased operational efficiency, flexibility, and ease of management. Windows Server 2012 R2 virtualized deployments need to match the same hardware specifications as physical deployments. For example, when you create a virtual machine to host Windows Server 2012 R2, you need configure the virtual machine with enough memory and hard disk space.
When deploying Virtual Workloads verify you are building with capacity to support all workloads that the Virtualization Host supports