Virtualization of an AD and Exchange on the same Server [closed]

Solution 1:

The recommendation to have a physical DC is not a security recommendation, it is an availability one. In the event of a catastrophic hypervisor failure (bug, exploit, whatever), if your virtualization solution is offline, you still want at least one DC outside of that environment to provide directory services.

Of course, it is entirely possible to go 100% virtual. Instead of keeping a physical host around, some people will have a separate management cluster so that DCs can be run there as well as the production data cluster, which offers some diversity. If an organization does something like vSphere in production and Hyper-V in DR, then they may keep a hot DC in DR and have platform diversity that way. The MS party line is still to keep one physical DC, but there are other ways to accomplish the spirit of that recommendation and be 100% virtual.

Solution 2:

Originally I think this recommendation came from the problems hypervisors had with accurate time (needed for AD for Kerberos authentication). It's also easy to end up with an unintended single point of failure (the physical host, the SAN) if you are in a mid-sized environment.

Nowadays I think the biggest concern is what you will do if you can't log in to vCenter.
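As an added example, not code from either answer above, the following PowerShell script turns the two concerns into a check you can run from a domain-joined admin workstation: it lists every domain controller, fingerprints whether each one is a VM (via Win32_ComputerSystem), measures each DC's clock offset with `w32tm /stripchart` and compares it against the PDC emulator, flags any skew beyond the default Kerberos tolerance of 5 minutes, and warns if no physical DC exists at all. It assumes the ActiveDirectory RSAT module and WinRM/CIM access to each DC; the 60-second warning threshold and the list of virtualization fingerprints are assumptions you should adjust for your estate. The VMICTimeProvider registry check only applies to Hyper-V guests and returns nothing elsewhere.

```powershell
# Added example (not from the original answers). Inventory DCs, detect virtual ones,
# measure clock skew relative to the PDC emulator, and warn if every DC is virtual.
# Assumes: ActiveDirectory module, WinRM/CIM reachability to each DC, run from a
# domain-joined host. w32tm /stripchart measures each DC relative to THIS host, so the
# DC-vs-PDC skew is computed as the difference of two such measurements.
Import-Module ActiveDirectory

$KerberosSkewLimitSeconds = 300   # default "Maximum tolerance for computer clock synchronization"
$WarnSkewSeconds          = 60    # assumed warning threshold, well inside the Kerberos limit

# Assumed virtualization fingerprints from Win32_ComputerSystem Manufacturer/Model; extend as needed.
$VirtualPatterns = 'Virtual Machine|VMware|VirtualBox|KVM|QEMU|Xen|HVM domU|Nutanix'

$pdc = (Get-ADDomain).PDCEmulator

function Get-DcClockOffsetSeconds {
    param([string]$DcHostName)
    # /dataonly prints one "hh:mm:ss, +00.0123456s" line per sample; use the last sample.
    $out  = & w32tm.exe /stripchart /computer:$DcHostName /samples:3 /dataonly 2>&1
    $last = $out | Select-String -Pattern '([+-]\d+\.\d+)s' | Select-Object -Last 1
    if ($null -eq $last) { return $null }
    return [double]$last.Matches[0].Groups[1].Value
}

$pdcOffset = Get-DcClockOffsetSeconds -DcHostName $pdc

$report = foreach ($dc in Get-ADDomainController -Filter *) {
    $cs = Get-CimInstance -ClassName Win32_ComputerSystem -ComputerName $dc.HostName -ErrorAction SilentlyContinue
    $isVirtual = $null
    if ($cs) { $isVirtual = ("$($cs.Manufacturer) $($cs.Model)" -match $VirtualPatterns) }

    # On Hyper-V guests the VMICTimeProvider feeds host time into W32Time; on a virtualized DC
    # you normally want the domain hierarchy, not the host, to be authoritative.
    $vmicEnabled = Invoke-Command -ComputerName $dc.HostName -ErrorAction SilentlyContinue -ScriptBlock {
        $k = 'HKLM:\SYSTEM\CurrentControlSet\Services\W32Time\TimeProviders\VMICTimeProvider'
        if (Test-Path $k) { (Get-ItemProperty $k).Enabled -eq 1 } else { $null }
    }

    $offset     = Get-DcClockOffsetSeconds -DcHostName $dc.HostName
    $skewVsPdc  = if ($null -ne $offset -and $null -ne $pdcOffset) { [math]::Round($offset - $pdcOffset, 3) } else { $null }
    $skewStatus = if ($null -eq $skewVsPdc) { 'unknown' }
                  elseif ([math]::Abs($skewVsPdc) -gt $KerberosSkewLimitSeconds) { 'FAIL (Kerberos will reject)' }
                  elseif ([math]::Abs($skewVsPdc) -gt $WarnSkewSeconds) { 'WARN' }
                  else { 'ok' }

    [pscustomobject]@{
        DC             = $dc.HostName
        Site           = $dc.Site
        IsPdcEmulator  = ($dc.HostName -eq $pdc)
        IsVirtual      = $isVirtual
        Platform       = if ($cs) { "$($cs.Manufacturer) $($cs.Model)" } else { 'unreachable' }
        HyperVTimeSync = $vmicEnabled
        SkewVsPdcSec   = $skewVsPdc
        SkewStatus     = $skewStatus
    }
}

$report | Format-Table -AutoSize

# The availability point from the first answer: at least one DC should live outside the hypervisor estate.
$physical = @($report | Where-Object { $_.IsVirtual -eq $false })
if ($physical.Count -eq 0) {
    Write-Warning "Every reachable DC is virtual: if the virtualization platform is down, nothing answers Kerberos/LDAP, including the vCenter/SSO logon that depends on AD."
} else {
    Write-Host ("Physical DC(s) present: " + ($physical.DC -join ', '))
}
```

Run it on a schedule and alert on `SkewStatus` of WARN or FAIL and on the "every DC is virtual" warning; the skew numbers are only as good as the clock of the host running the script, which is why the comparison is done against the PDC emulator rather than against the local clock alone.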