Microsoft Active Directory on Proxmox

yakakliker

Renowned Member
May 19, 2011
95
1
73
France
Hello,

Microsoft says CPD should not be virtualized, so is there anyone who uses Microsoft CPD under Proxmox anyway ?

Thanks
 
Thanks for this reply,

Yes, i'm talking about domain controllers.

What versions of Microsoft Windows servers are used ?

Apparently,there are lots of problems with virtualized Domain Controllers.

Have you noticed any problems ?
 
I suppose the obvious problem is if you virtualize all DCs for one AD on the same physical server without failover=>single point of failure.

I also suspect there are many people running virtualized DCs; IIRC, MS even encourages that in their newest Windows 2012 servers.... so I'd love to see some MS reference for "Microsoft says CPD should not be virtualized"

Finally, there's always Samba 4 ;)
 
Thanks to all.

This explains why one of my IT provider doesn't want to virtualize Domain Controlers ...

I'll try anyway ... ;)
 
you can do a lot of wrong things with multiple active directory servers but if you know what you are doing I do not see a big problem running on a virtualization host.
 
you can do a lot of wrong things with multiple active directory servers but if you know what you are doing I do not see a big problem running on a virtualization host.

Have you examples ? Why not a list (yes, I think abuse) :confused:
 
Thanks to all.

This explains why one of my IT provider doesn't want to virtualize Domain Controlers ...

I'll try anyway ... ;)

Hi, yes try it. But please use e1000 nics only. So you never get into latency problems. I have 3 DC´s on one 3-node-Proxmox-Cluster running. ... But anyway I will migrate to Univention Corporate Server 3.2 (Samba4) ;)

Cheers
mac
 
@mac: you recommend E1000 NICs - have you had problems with virtio NICs?

This explains why one of my IT provider doesn't want to virtualize Domain Controlers ...
No I wouldn't think so ;)

The points mentioned in that link are very valid (clock sync etc) but fairly obvious to people who know virtualisation and AD (not claiming I'm one though).

Perhaps that IT provider lacks some knowledge in those areas and doesn't want to complicate things; perhaps there are only 2 DCs to be veritualized and putting them on a single physical box is a big nono (AFAIR, MS does a good job stressing that if you need 2 DCs for redundancy you shouldn't create unnecessary SPOFs/single points of failures); perhaps there's other reasons...

Agreed with Tom and the rest: if you know what you're doing, there aren't any problems.
 
I think the kind of problem that Microsoft may point is that your Active Directory DC acts also as a DNS server. If your host relies on these DNS, it will not find DNS upon reboot until the VM is activated. So you should have at least two physical hosts with a redundant DC on each. All clients machines in the domain, file servers, print servers and so on also relies on these DNS...
 

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!