Virtualized Domain Controllers
.gif)
Domain controllers that are running on virtual machines have operational restrictions that do not apply to domain controllers that are running on physical machines. When you use a virtualized domain controller, there are some virtualization software features and practices that you should not use:
- Do not pause, stop, or store the saved state of a domain controller in a virtual machine for time periods longer than the tombstone lifetime of the forest and then resume from the paused or saved state. Doing this can interfere with replication.
- Do not copy or clone virtual hard disks (VHDs).
- Do not take or use a Snapshot of a virtual domain controller.
- Do not use a differencing disk VHD on a virtual machine that is configured as a domain controller. This makes reverting to a previous version too easy, and it also decreases performance.
- Do not use the Export feature on a virtual machine that is running a domain controller.
- Do not restore a domain controller or attempt to roll back the contents of an Active Directory database by any means other than using a supported backup.
Recommendation is Maintain physical domain controllers in each of your domains. This mitigates the risk of a virtualization platform malfunction that affects all host systems that use that platform.