My standard demo rig has a separate virtual machine (VM) running my domain controller(DC), I then have a bunch of client and server VMs all of which belong to that domain and I spin those up for different demo scenarios such as Business Intelligence, System Center etc. However I have still broken a lot of best practice here for example my DC VM also provides DHCP and DNS, whereas my desktop expert Simon runs that in another VM albeit on the same physical server (We can only carry so much gear around with us!).
Other variations on this theme are:
I mention this because there is best practice for domain controllers in KB888794 which discusses what you need to be aware when virtualising them. For example my DC will take longer to boot because it’s running DNS and it has to wait for that to come up before active directory can work to resolve names. A lot of it is common sense, but as with all Microsoft KB’s they are created when a the support engineers are asked the same questions again and again.
One final thought..
What is the future of domain controllers in a world of cloud based services?
Thanks for this.
On the final thought: Cloud services are a substantive step forward for the scale people are going to see in their operational data, and the cost benefits as well. "But", how long will it be before the 'average' business trusts the Cloud services with their internal data (from HR stuff to accounting to records of strategic to source control systems) ...?
Until organisations (as a norm) are capable (and confident!) of living solely in the Cloud then the DC (and, possibly more importantly, AD) will still be with us ... no?
How a regulator (transport systems; medical systems) might view a Cloud-based document repository is unknown too ...
They can, of course, run their organisational systems on a VM in the Cloud (and probably with significant cost savings) but the jump would be a big one ... so perhaps the on-prem stuff might face traction in much the same way petroleum/diesel does?
Thanks for making me think!
Honestly, I don't think there is much of one. At least not for authenticating end-users. I see Active Directory mainly supporting datacenters and the services that run in them with much less of an emphasis on supporting user identity. Claims is where things are headed. And for good reason. Of course, AD will probably continue to play a large role by providing an infrastructure for managing (and locking down) corporate assets like laptops. But even that may mean less and less if future OS'es turn out to be "cloud OSes". We'll see....
Travis Nielsen | PointBridge