Currently, we are planning to migrate from a physical to a virtual environment with VMware... is there any best practise or recommendation to keep the primary domain controller (Windows server 2016) on a separate physical server and convert only the additional domain controllers from physical to virtual.
VMware has this older whitepaper https://www.vmware.com/content/dam/digitalmarketing/vmware/en/pdf/techpaper/Virtualizing_Windows_Act... about it.
Depending on size of your company, it may be good decision to keep one physical AD as part of disaster recovery strategy.
this might be old, but AD 2008 and 2012 had some issues with Snapshots (If you rolled back a snapshot you could cause a de synchronization of the AD) In 2012 R2 there was a "flag" added to determine if the Domain Controller was a virtual machine.
Thanks, nachogonzalez Ill go with a fully virtualized envorment.