<div dir="ltr"><blockquote style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;" class="gmail_quote">[Forget VM's for this] Isn't that the point of having multiple DC's?<br>
The network still runs in the event one DC fails? But what happens if<br>
it takes a couple days to get a replacement part to get the failed DC<br>
back up and running?</blockquote><div><br>When the Offline DC holds the Host Masters the issue is a bit different, but when the offline dc doesn't hold any Master Roles the DC being offline shouldn't encounter a problem unless it goes past the Tombstone lifetime, which is 30 days by default I believe.<br>
The problem occurs when the Offline domain controller becomes untrusted.<br>For security reasons (is my guess) Microsoft does not elaborate on the exact conditions that cause a situation in which one of the DC's becomes untrusted.<br>
In testing environments during configuration changes of security accounts while a domain controller was offline, I've had the partner domain controller become unstrusted in as little as 3 days!<br>This problem CAN be corrected and is not as serious as a USN rollback.<br>
If I was at work I could send you a log containing all of the NTDS errors I've encountered.<br>Wether this is documented or not I've experienced the behavior in very short amounts of time being offline.<br>I believe this is why Microsoft suggests when transporting a DC regardless of the offline time, to first demote it, then restore from a recent AD Backup. (theres a best practice somewhre about this)<br>
</div><br>I agree with you, I am avoiding virtualizing Exchange 2007 and any 2008 products until they are tried and tested - you would be smart to hold off on exchange, besides most exchange servers have fairly high resource requirements on a continual basis, so a dedicated box isn't all bad.<br>
<br>We and MANY MANY MANY hosted exchange and hosted database companies run both exchange 2003, 2007, and sql 2005 in virtual environments.<br>My litmus test for doing something that isn't supported by Microsoft is composed of these questions:<br>
1.) How many other organizations do it anyway?<br>2.) Are they not supporting it for monetary reasons, or technical reasons?<br>3.) How hard is it to 'go back' to a supported environment.<br>4.) Can I test my environment and have one foot in and one foot out?<br>
<br>I think with SQL servers especially those questions can be answered:<br>Lots,<br>Monetary,<br>Not Hard if done early on.<br>Yes.<br><br>We have quite a few SQL 2005 virtualized instances - developers love it, and there is no reason not to do it.<br>
Oh you want to try and work on the (name here) database while your in Arizona? here just take server with you ... (done) <br><br>And Microsoft did publish an article on considerations... so if you follow that you should be in their (albeit unsupported) good graces.<br>
<a href="http://www.microsoft.com/sql/techinfo/whitepapers/virtenviron.mspx">http://www.microsoft.com/sql/techinfo/whitepapers/virtenviron.mspx</a><br><br>SQL 2003 works great hosted on VM Server 1.06, 2.0, ESX, and ESXi - so you should be fine any way you go about it.<br>
<br><div class="gmail_quote">On Tue, Oct 14, 2008 at 5:04 PM, Bruce Smith <span dir="ltr"><<a href="mailto:blubdog@gmail.com">blubdog@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
<div class="Ih2E3d">> Let me explain my experiences in some more detail for you Bruce :)<br>
<br>
</div>And I appreciate this very much!!! :-)<br>
<br>
Currently I have mostly Linux servers virtualized.<br>
<br>
The only Windows boxes I currently have in a VM are a couple Win2003<br>
Terminal Servers, and those were built from scratch.<br>
<div class="Ih2E3d"><br>
> Exchange 2003, and 2000 servers:<br>
<br>
</div>We will be installing Exchange 2007 shortly, although probably not in<br>
a VM since our consultant says it's not supported by Microsoft.<br>
<br>
> Sql 2000:<br>
<br>
What about newer versions of SQL server? (2005?)<br>
<br>
We have a couple low usage SQL servers that are installed and<br>
maintained by outside parties (i.e. our payroll vendor). Those would<br>
be nice to virtualize. And it's be nice to avoid major problems so<br>
employees (including myself) keep geetting paid! :-)<br>
<div class="Ih2E3d"><br>
> Domain Controllers: (I will go into some detail here seeing you are<br>
> considering this)<br>
> Windows Domain Controllers states cannot be restored, they cannot be left<br>
> offline, snapshots cannot be used - any of this can cause a USN Rollback -<br>
> which is bad, and basically makes the server useless, untrusted by the<br>
> remaining domain controllers, and unsyncable.<br>
> This can happen if you leave the server connected to the network AFTER<br>
> performing your Conversion.<br>
> When you convert a DC (which I don't advise, it's better to rebuild it,<br>
> transfer Host Master Roles, and retire the old one just because of how<br>
> insanely tempermental AD really is.)<br>
</div>>...<br>
<div class="Ih2E3d">> Note: YOU MUST start the virtual machine within literally HOURS of<br>
> converting it, if a DC is left offline in a multi-site multi-dc environment<br>
> Microsoft states that problems can start in as little as 8 hours.<br>
<br>
</div>What you're saying about replication makes sense to me, except for the<br>
part of leaving a DC offline can cause problems. (I'm not disagreeing<br>
with you, I'm just trying to understand why)<br>
<br>
[Forget VM's for this] Isn't that the point of having multiple DC's?<br>
The network still runs in the event one DC fails? But what happens if<br>
it takes a couple days to get a replacement part to get the failed DC<br>
back up and running?<br>
<div><div></div><div class="Wj3C7c"><br>
- BS<br>
_______________________________________________<br>
grlug mailing list<br>
<a href="mailto:grlug@grlug.org">grlug@grlug.org</a><br>
<a href="http://shinobu.grlug.org/cgi-bin/mailman/listinfo/grlug" target="_blank">http://shinobu.grlug.org/cgi-bin/mailman/listinfo/grlug</a><br>
</div></div></blockquote></div><br></div>