Windows Server 2025 → considering a migration to Proxmox VE

[Pascal.ch]

Hello,

I’m looking for feedback from the community regarding an architecture decision I’m currently considering after encountering several issues with Windows Server 2025.

Context​

The server was initially installed with Windows Server 2025 bare-metal, hosting the following roles:

• AD DS
• DNS
• DHCP
• Application services

After the promotion to domain controller, I started facing several blocking issues, including:

• Essential Windows services not starting after reboot (e.g. Defender)
• Malfunctions in services relying on COM / DCOM (e.g. Active Image Protector)
• Security hardening automatically applied by AD DS affecting applications not designed to run on a DC
• System restore difficulties (drivers / storage) despite valid backups

Despite rebuilds and clean restores, the environment proved insufficiently reliable for production.

Current architecture​

HPE ProLiant DL20 Gen11
└── Windows Server 2025 (bare-metal)
├── AD / DNS / DHCP
└── Applications

Target architecture​

I’m considering moving to Proxmox VE bare-metal to improve role separation and resilience:
HPE ProLiant DL20 Gen11
└── Proxmox VE
├── VM Windows Server 2025 (DC)
└── VM Windows Server 2025 (Applications)

Storage layout​

The server only provides HPE Embedded Intel VROC SATA Software RAID, so I plan to manage storage directly in Proxmox using ZFS RAID 1, structured as follows:
HPE ProLiant DL20 Gen11
└── Proxmox VE
├── ZFS RAID 1 – Pool 1 (OS)
│ ├── 2×480 GB
│ ├── ~200 GB → Windows Server 2025 VM (DC)
│ └── ~280 GB → Windows Server 2025 VM (Applications)
└── ZFS RAID 1 – Pool 2 (DATA)
└── 2×960 GB

Questions​

• Does this approach make sense in this context?
• Are there any known pitfalls when migrating from Windows bare-metal to Proxmox?
• Best practices regarding ZFS, OS vs DATA pools, and boot disk layout?

I can provide detailed hardware specs, disk layout, or logs if needed.

Thank you in advance for your feedback.

 

[UdoB]

It's not clear if you know the following page: https://pve.proxmox.com/wiki/Windows_2025_guest_best_practices - maybe some of those hints are helpful for you...

 

[SteveITS]

I know what forum this is, but out of curiosity, if you’re a Windows-only setup why not Hyper-V? With Standard you can have 2 VMs if the host is only Hyper-V.

 

[Pascal.ch]

It's not clear if you know the following page: https://pve.proxmox.com/wiki/Windows_2025_guest_best_practices - maybe some of those hints are helpful for you...

Thank you for the link and the references — they are definitely useful and I’ll review them.

At this stage, however, I’m mainly looking for feedback on the initial design choices, before going deeper into guest tuning:

• moving from Windows Server bare-metal to Proxmox as a hypervisor
• separating AD/DNS/DHCP from application workloads into distinct VMs
• using ZFS RAID1 on local SSDs given the hardware constraints (VROC SATA only)
• OS pool vs DATA pool layout

In other words, I’d like to validate whether this overall approach and storage layout make sense as a starting point, before fine-tuning Windows guest settings.

Any feedback or alternative recommendations on the architecture itself would be very welcome.

 

[Pascal.ch]

I know what forum this is, but out of curiosity, if you’re a Windows-only setup why not Hyper-V? With Standard you can have 2 VMs if the host is only Hyper-V.

That’s a fair question.

Hyper-V was indeed considered, especially since this is currently a Windows-centric environment.
However, my main goal is to avoid tightly coupling the hypervisor with the Windows / Active Directory stack again.

With Proxmox, I’m mainly looking for:

• a minimal and stable hypervisor layer, independent from Windows patching, hardening and role changes
• simple snapshot / rollback and bare-metal recovery workflows
• a clearer separation between infrastructure services (AD / DNS / DHCP) and the virtualization host
• more flexibility on the storage side (especially with ZFS)

I also have a second server available. In case of an issue, the idea would be to temporarily move VM images or snapshots to the other host to keep services running, with the possibility to evolve towards some form of HA in the future.

In addition, I already use Active Image Protector, which is compatible with Proxmox, and fits well into this backup and recovery strategy.

The goal is not to run many different OS types, but to reduce complexity and blast radius after the issues experienced with Windows Server bare-metal.

That said, I’m open to feedback if you think Hyper-V would be a better fit given these constraints.

 

[SteveITS]

P2V for Windows can be done, sure. We moved a few Windows servers from one KVM to another so it was a bit easier, but we still needed to add the SCSI driver to boot using SCSI, and the network card driver/config. And of course it can't be an OEM license if you're changing hardware. There are various threads discussing not using a "host" CPU type in the VM, or other workarounds for nested virtualization especially on more recent versions of Server.

Technically on Hyper-V the host can be a standalone server and not joined to AD...in fact I'd recommend that if the DC is a VM.

 

[Steven-b]

I also have a second server available. In case of an issue, the idea would be to temporarily move VM images or snapshots to the other host to keep services running, with the possibility to evolve towards some form of HA in the future.

You could do a replication setup, minimal replication time could be 1 minute and if you could add a quorum (qnet-device, i do this with Proxmox Backup Server) than in case of a node failure your VM's will automatically start up on your other node.
Just to pitch you an idea

 

[Pascal.ch]

Thank you for the feedback, it’s very helpful .

Regarding P2V, the goal is indeed to keep things as simple as possible (SCSI drivers, network configuration, appropriate CPU type), but this is not the immediate priority. Right now I’m mainly focused on validating and stabilizing the target architecture before starting the migration itself.

Concerning Hyper-V, I agree with the point that the host should remain standalone and not be joined to AD if the DC is a VM. One of my goals is precisely to avoid, going forward, any tight coupling between the hypervisor and AD roles.

The idea around Proxmox replication also aligns well with what I had in mind. I have a second server available, and initially the goal would be to quickly recover or temporarily fail over in case of an incident, with the possibility to evolve towards something more automated later on.

---
As an update, I have now completed the Proxmox installation, although I had to redo it once.
During the first attempt, I ran into several issues, including ending up with a Proxmox OS partition that was far too small (~3 GB) due to the installer default settings, which caused multiple configuration problems afterwards.
This second installation is much cleaner, and hopefully more stable. The next step will be to test full restore scenarios using my backup server.

Here is the current configuration:

HPE ProLiant DL20 Gen11
├─ ZFS RAID1 (2×480 GB) – System VMs
│  ├─ vm-w2k25-AD   (150 GB)
│  └─ vm-w2k25-PRG  (150 GB)
└─ ZFS RAID1 (2×960 GB) – Proxmox + DATA
   ├─ Proxmox OS    (64 GB)
   └─ PRG Data (D:) (~700 GB)

At this point, I’m realizing that it’s hard to find clear “beginner best practices” for Proxmox, especially regarding:

• initial partitioning choices
• ZFS pool layout
• what should ideally be done (or avoided) early on
• an other

If anyone has simple, proven recommendations for getting started with Proxmox, I’d really appreciate it.