Converting Second Domain Controller from Physical to VM
-
Remember a AD DC is an application level cluster. Instead of migrating just make a new DC VM, get it working and shut down the physical. There is no migration needed.
-
The reason it isn't a good idea is that it makes AD all kinds of not happy for various reasons.
It truly is easier to make a new VM, promote it to DC, and let it sync.
-
DC is not special, it is the same for any live database cluster node. It's just that in the SMB you rarely deal with advanced databases so don't see this. This is standard in bigger businesses with big databases.
-
@scottalanmiller said in Converting Secondary Domain from Physical to VM:
You never convert a DC or migrate one. P2V is an image migration process. Since you don't image a DC that rules that out.
Understood. Thanks for the info
-
@scottalanmiller said in Converting Secondary Domain from Physical to VM:
DC is not special, it is the same for any live database cluster node. It's just that in the SMB you rarely deal with advanced databases so don't see this. This is standard in bigger businesses with big databases.
This makes complete sense to me. Thank you.
-
Other common places you would see this is a MongoDB cluster node, Redis node, Cassandra node, MariaDB Galera node, etc.
-
Is there a way for me to verify this secondary dc is functioning as intended?
-
@wirestyle22 said in Converting Secondary Domain from Physical to VM:
Is there a way for me to verify this secondary domain is functioning as intended?
Try binding to it.
-
@coliver said in Converting Secondary Domain from Physical to VM:
@wirestyle22 said in Converting Secondary Domain from Physical to VM:
Is there a way for me to verify this secondary domain is functioning as intended?
Try binding to it.
I worded this wrong. Sorry.
This is a secondary DC. I didn't think you could specify the domain controller, it's just round robin. How do I verify that it's working.
-
@wirestyle22 said in Converting Secondary Domain from Physical to VM:
@coliver said in Converting Secondary Domain from Physical to VM:
@wirestyle22 said in Converting Secondary Domain from Physical to VM:
Is there a way for me to verify this secondary domain is functioning as intended?
Try binding to it.
I worded this wrong. Sorry.
This is a secondary DC. I didn't think you could specify the domain controller, it's just round robin. How do I verify that it's working.
Shut down all the other DC when you test?
-
@travisdh1 said in Converting Secondary Domain from Physical to VM:
@wirestyle22 said in Converting Secondary Domain from Physical to VM:
@coliver said in Converting Secondary Domain from Physical to VM:
@wirestyle22 said in Converting Secondary Domain from Physical to VM:
Is there a way for me to verify this secondary domain is functioning as intended?
Try binding to it.
I worded this wrong. Sorry.
This is a secondary DC. I didn't think you could specify the domain controller, it's just round robin. How do I verify that it's working.
Shut down all the other DC when you test?
just remember to
/wrists
-
@wirestyle22 said in Converting Secondary Domain from Physical to VM:
@coliver said in Converting Secondary Domain from Physical to VM:
@wirestyle22 said in Converting Secondary Domain from Physical to VM:
Is there a way for me to verify this secondary domain is functioning as intended?
Try binding to it.
I worded this wrong. Sorry.
This is a secondary DC. I didn't think you could specify the domain controller, it's just round robin. How do I verify that it's working.
Second DC, not secondary. Haven't been secondary DCs ever in Active Directory. That terminology is mistakenly brought over from the PDC/BDC days of Windows NT and the SAM system that pre-dates AD. Once AD replaced SAM, there was no more secondary concepts.
-
@scottalanmiller said in Converting Secondary Domain from Physical to VM:
@wirestyle22 said in Converting Secondary Domain from Physical to VM:
@coliver said in Converting Secondary Domain from Physical to VM:
@wirestyle22 said in Converting Secondary Domain from Physical to VM:
Is there a way for me to verify this secondary domain is functioning as intended?
Try binding to it.
I worded this wrong. Sorry.
This is a secondary DC. I didn't think you could specify the domain controller, it's just round robin. How do I verify that it's working.
Second DC, not secondary. Haven't been secondary DCs ever in Active Directory. That terminology is mistakenly brought over from the PDC/BDC days of Windows NT and the SAM system that pre-dates AD. Once AD replaced SAM, there was no more secondary concepts.
non FSMO DC?
-
@wirestyle22 said in Converting Secondary Domain from Physical to VM:
@scottalanmiller said in Converting Secondary Domain from Physical to VM:
@wirestyle22 said in Converting Secondary Domain from Physical to VM:
@coliver said in Converting Secondary Domain from Physical to VM:
@wirestyle22 said in Converting Secondary Domain from Physical to VM:
Is there a way for me to verify this secondary domain is functioning as intended?
Try binding to it.
I worded this wrong. Sorry.
This is a secondary DC. I didn't think you could specify the domain controller, it's just round robin. How do I verify that it's working.
Second DC, not secondary. Haven't been secondary DCs ever in Active Directory. That terminology is mistakenly brought over from the PDC/BDC days of Windows NT and the SAM system that pre-dates AD. Once AD replaced SAM, there was no more secondary concepts.
non FSMO DC?
Think of it as a "Member DC" rather than a "Solo DC". What matters is that it is not alone.
FSMO roles do matter, but only in that post DC setup they should be moved over.
-
Wait. Sorry this is a second DC in your current domain or a secondary domain?
-
@coliver said in Converting Second Domain Controller from Physical to VM:
Wait. Sorry this is a second DC in your current domain or a secondary domain?
Second DC. Sorry, I wrote it wrong.
-
Another question I have is: Does the hypervisor need to be syncing with the time server or is that only important for the VM's?
-
@wirestyle22 said in Converting Second Domain Controller from Physical to VM:
@coliver said in Converting Second Domain Controller from Physical to VM:
Wait. Sorry this is a second DC in your current domain or a secondary domain?
Second DC. Sorry I wrote it wrong.
No problem. If that's the case you can use powershell to test against it. You'll also want to take a look at repadmin to make sure that replication is going through correctly.
-
@wirestyle22 said in Converting Second Domain Controller from Physical to VM:
Another question I have is: Does the hypervisor need to be syncing with the time server or is that only important for the VM's?
It's less important but it's generally a good idea to have everything sync to the same time server.
-
@coliver said in Converting Second Domain Controller from Physical to VM:
@wirestyle22 said in Converting Second Domain Controller from Physical to VM:
Another question I have is: Does the hypervisor need to be syncing with the time server or is that only important for the VM's?
It's less important but it's generally a good idea to have everything sync to the same time server.
I disable time sync to the Hypervisor always. It is never anything but trouble.