We want to P2V one of our 2003 DC's. However, I'm not sure how the replication stuff will work once it comes back online. For example
How can we be sure that the newly virtualized DC syncs to the other DC's, not vice versa?
If you use the VMware Converter, you can do the import with the machine online. It uses an agent on the Source machine.
This way you don't have nothing to synchronize.
It will be a part off the process where you will have to disconnect the Physical Server, and power on the Virtual, but that is just like a reboot in the physical world, no major concerns there.
Hope this helps. With Windows 2003 or 2k there is no need for demoting the server to a BDC as all DC are masters, that is what is called a multi-master architecture, as for the replication, the KCC (Knowledge Consistency Checker) will take care of that, just force a replication before you do the P2V. Also make sure to verify which DC holds the FSMO roles; if I were you I would transfer the roles to a physical server until you get though with the operation.
I wouldn't do it, it's easier to build new ones, dcpromo them, move the FSMO roles and shutdown the old ones. There is no problem running AD on virtual servers, just don't use converter or P2V on existing DC's. That's what we did and it went very smoothly.
What machines should not be converted - http://www.vmware.com/community/thread.jspa?threadID=73357
P2Ving Domain Controllers - http://www.vmware.com/community/thread.jspa?messageID=390630
Virutalization of Active Directory - http://www.vmware.com/community/thread.jspa?messageID=352424
Considerations when hosting Active Directory domain controller in virtual hosting environments - http://support.microsoft.com/kb/888794
Virtualizing a Windows Active Directory Domain Infrastructure - http://download3.vmware.com/vmworld/2006/tac9710.pdf
How to detect and recover from a USN rollback in Windows 2000 Server: http://support.microsoft.com/kb/885875/
How to detect and recover from a USN rollback in Windows 2000 Server: http://support.microsoft.com/kb/875495/
I agree with Pang, and there has been other threads out there regarding the same issue that you are trying to do. People have had problems P2V'ing a Windows Domain Controller. Like Pang said demote the existing DC and then P2V and then run dcpromo once back in the vm. Or you can just build a brand new vm and run dcpromo to add to your existing domain then you can demote the physical DC and not even worrying about this server. Just my 2 cents in this matter.