DC FSMO considerations in a virtualized environment?

pwjohnston

Do you guys have any recommendations on places I can read up on this?

We currently have a Citrix Xenserver deployment, 2 servers in a pool, 2 TB SAN. Out primary DC (and all the FSMO roles) is running on hardware that is literally 9 years old (Dell PE6450). I want this moved.

My options are the second physical DC, a PE 860 and will be 4 years in November or to the virtualized DC3. So originally I wanted to put a DC on both virtual servers in the pool and have a physical for backup. So the real question is where to put the FSMO roles?

RobertKaucher

I have been considering this myself. I have decided to keep the FSMO roles on a single physical box. We are small enough that that is the best option. We have two other DCs, one on each of our VMware hosts. Due to our small size keeping it simple was more important that any other considerations. Here are some articles:

Things to consider when you host Active Directory domain controllers in virtual hosting environments

FSMO placement and optimization on Active Directory domain controllers

RTmarc

My mantra is to always keep at least one physical DC. Some guys architect it differently but since pretty well everything in the environment relies on AD, I'd prefer to have at least just one physical box that isn't tied to my virtual environment. The old saying "all your eggs in one basket" comes to mind. Also, keep in mind network time is usually based on the PDC. Physical boxes usually have no issue with time drift which can be an issue with virtual counterparts.

pwjohnston

Ya, that’s kind of what I thought I was going to do. Thank you for the articles Robert.