Managing Hosts in Windows 2000 AD Forest By Using VMM 2008

As you know when you install VMM 2008 server, the computer where you want to install VMM 2008 Server must be joined in a Windows 2003 or Windows 2008 AD domain. That's a hard requirement and the install will be blocked if it is not met.

We hope all our customers have migrated their AD infrastructure from Windows 2000 AD to Windows 2008 or, at least, Windows 2003 version. There is just a little over two years before Windows 2000 server is complete out of support (7/13/2010).

However, in case you are one of the few customers who have not fully migrated, or are still in process of migrating your Windows 2000 AD infrastructure to a recent version, here is what you could try to temporarily workaround this limitation before or during your AD migration:

• If you have not done forest-prep, perform forest-prep in the Windows 2000 AD forest and get the schema updated to Windows 2003 or 2008 AD schema.
  • Note: There will be result in short-term replication traffic overhead in your network, since Windows 2000 AD cannot replicate deltas of the PAS.
• Introduce a separate Windows 2003 or Windows 2008 AD site in your Windows 2000 AD forest that will contain the VMM Server and Hyper-V host servers.
• Configure two-way trust between the Windows 2003 or Windows 2008 AD domain controller and the Windows 2000 AD forest domain controllers.
• Through AD site topology and DNS enforcement, ensure that VMM Server only authenticate with the Windows 2003 or the Windows 2008 domain controller.

After above configuration, you should be able to add hosts that live in a Windows 2000 AD forest into the VMM server that is in a Windows 2003 or Windows 2008 AD site.

Here is a reference document on how to set up a separate AD site for Exchange:Microsoft IT Showcase: Creating an Active Directory Site for Exchange Server 

Thanks for reading!

Cheng