Hey guys

I was hoping to get some guidance on how to best resolve my issue.

I have a domain controller I need to virtualize with schema master and domain naming master role. What would the impact be if:

1. I virtualize and take it down without transferring the roles. Leave everything as is.

2. I move the roles to another domain controller, take a snapshot, virtualize, then transfer the roles back.

I also have another domain controllers with PDC, RID pool master, Infrastructure master roles I need to virtualize in the future. Should I move forward with the same approach?

I appreciate your help.

Many thanks

JT

Hi

 If you need to transfer schema master,domain naming master role,i recommned that you will install a clean server OS,and add as an Additonal Domain Contoller,then transfer 2 roles on this DC.

Note:Also i always prefer that all fsmo roles on one Domain Controller and it is be a physicial server.

Thank you so much Burak

My main concern is if after virtualization everything fails and have no choice but to revert the changes we will not lose everything in the forest having the roles split in the primary and secondary DC

Hi

 I don't think split roles best choice.If there will be a potential problems on PDC,you always sieze the fsmo roles to avaible DC.(you won't be lse everything if you have additional domain controllers).

 ALso if you have a successfull backup,you will always restore domain from this backup.Also recommend that you could configure full backups of DC's.But also you can split the roles so this your decision.

1. Have a good backup of both DCs

2. Make sure that your system is healthy (Event logs, diagnostics w/ dcdiag,...)

3. Keep GC on all DCs

4. Make sure that replication has finished with success status

5. Consider other infrastructure roles (DNS, DHCP,etc ... are these reacheable when moving roles)

6. Make sure that other roles, features an installed applications will not interfere with intermediate configuration

7. Move roles as expected...

M.

PS: Do migration whe there are no users logged

• Edited by Milos Puchta Tuesday, August 25, 2015 6:40 PM

My understanding is that you already have multiple domain controllers?

Built the virtual server and install AD DS role.

Promote the server to a domain controller (with DNS server and Global Catalogue capabilities) and join it to the existing domain.

Move FSMO roles to the new domain controller.

Demote the physical domain controller. Remove from the domain.

Remove any existing DNS entries pointing to the old server look everywhere, remove the server from AD Users and Computers and remove the server from AD Sites and Services. 

Thanks this is very helpful!!!

I would create a new DC on your virtual environment and then assign those roles to it. I would then decommission the old DC.