Link to 3.5 article:

http://kb.vmware.com/selfservice/microsites/search.do?cmd=displayKC&docType=kc&externalId=1004588&sl... Id

"If the source is a domain controller, special considerations must be made. VMware does not recommend virtualizing an active domain controller with Converter"

Agreed, I would not P2V a DC.

If you only have 1 (BAAAADDDDD idea), promote another server (NOT Exchange) and transfer the FSMO roles. De-mote the physical DC, P2V and repromote it.

What that knowledge base is referring is not whether a domain controller should be virtualized but how you do it - and I agree with that KB you should not use converter to convert an active domain controller but build a brand new virtual machine and promote it to be a domain controller-

If you find this or any other answer useful please consider awarding points by marking the answer correct or helpful

I thought VMware might have upgraded their vSphere converter product so they would not discourage P-V on an active domain controller.

Found this interesting article regarding Symantec Backup Exec System Recovery.

"The BESR software converts Domain Controllers with absolutely no problem, which can be an issue when using VMWare Converter. It is worth its weight in gold."

DCs are very timing oriented and the database is hard to quiesce. when you P2V, you snapshot the DB, which can mess up the timestamps. when done, the timestamp could be earlier than on the original, which will really mess up sync. Demoting and promoting is so trivial that it's really not worth takling the chance.

I would never P2V a domain controller, but what if the domain controller is already a VM on VMware server? I was going to shutdown the VM and use convertor to import it into ESX?

Is this less dangerous?

Thanks.

No converters can get around the issue of time stamps. BESR may be better on how it handles the AD DB changes while the conversion is in progress, but nonetheless...

dodell wrote:

I would never P2V a domain controller, but what if the domain controller is already a VM on VMware server? I was going to shutdown the VM and use convertor to import it into ESX?

Is this less dangerous?

Thanks.

Less dangerous. Just make sure of the clocks. AD can deal with some time difference but not too much.

I don't know sometimes a clean slate is nice. Setting up AD VMs is so easy and you do not get all the little gotchas you can get with a P2V.

I guess there are advantages to P2V but if the system is just an AD/DNS start fresh, just my opinion.

Agreed while we have over 100 Virtual Domain controllers every attempt to to a P to V migration ended with a crash an burn.

Domain controllers with their built in clustering are extremely easy to bring into the virtual environment though as you simply build a secondary in ESX, promote it, then build another.

Easy to do without using converter

##If you have found my post has answered your question or helpful please mark it as such##

Hello,

Moved to Virtual Machine and Guest OS forum.

Best regards, Edward L. Haletky VMware Communities User Moderator, VMware vExpert 2009
Now Available on Rough-Cuts: 'VMware vSphere(TM) and Virtual Infrastructure Security: Securing ESX and the Virtual Environment'[/url]
Also available 'VMWare ESX Server in the Enterprise'[/url]
[url=http://www.astroarch.com/wiki/index.php/Blog_Roll]SearchVMware Pro[/url]|Blue Gears[/url]|Top Virtualization Security Links[/url]|Virtualization Security Round Table Podcast[/url]

Since your DC is shutdown, you don't have the same timing issues that a live DC would have.

We've migrated shutdown DCs from one version of VMware to another without issues using converter. We didn't even attempt to migrate a live DC.