Windows Server 2012 Migration (DNS/AD DS Standard Eval to Essentials OEM) P2V -> Do I need a Secondary Domain Controller during migration

Tags: active-directory, domain-controller, migration, physical-to-virtual, windows-server-2012

This is my first post on this exchange (although not my first on stack exchange), so please have patience.

I am a 3rd year student intern, and I have been tasked with virtualizing the server systems at the company I work for. I have come a long way, and I am almost ready to install the VM Server in migration mode. Here is some information:

Source Server:
Windows Server 2012 Standard Evaluation

  • DNS Server (local only)
  • Advanced Directory Domain Services
  • File and Storage stuff
  • A few other server roles

Destination Server:
Windows Server 2012 Essentials OEM (Hyper-V client)

  • Running under a temporary Hyper-V host (will migrate the Hyper-V host back to the old machine after the original server is virtualized as a client).
  • Sitting currently at the "Select Installation Mode" screen.

I have been following the guides on Microsoft TechNet, and today I spent most of the day getting rid of issues in the Best Practices Analyser on the source machine.

I have 3 remaining issues (which are all related):

  • ERROR: DNS: DNS servers on Ethernet (adapter name) should include the loopback address, but not as the first entry (flavour text indicates that, during migration, the DNS server may not be found)
  • WARNING: All domains should have at least two domain controllers for redundancy.
  • WARNING: DNS: Ethernet should be configured to use both a preferred and an alternate DNS Server.

All of these issues can be resolved by deploying a secondary domain controller, but I have never done that before (see my concerns below). The main issue here that I am concerned with for installing in migration mode is the FIRST one (the error). If I try and set up the new server deployment, and the adapter domain controller is listed as localhost, then this may cause the installation to fail (at least, this is what the Microsoft documentation suggests). But I do not have another IP address to enter here as I have no other local domain controllers.

So I did the first obvious thing that came to my mind, and tried to use Google DNS servers as my alternates. That did not work because they couldn't recognize other computers in the "forest". Now I'm no expert when it comes to DNS, so please forgive my ignorance. This DNS server is concerned only with Active Directory stuff for the local network.

If I go ahead with migration, and it fails, then I will just have to go ahead and install a secondary DNS server I suppose. The problem I have here is that I am limited by the amount of Windows Server keys I have available (I have 2); however, I do have access to a Linux box running Debian Wheezy that I set up two weeks ago as a Mantis server.

I could install Windows Server 2012 as a secondary DNS (I think) in a VM and use that, but then it seems like I will be wasting time, and probably the Windows key too, and if there's another way to do it with Linux that would be much better. Even better still, do I even need a secondary DNS server for migration at all? The hints said that during migration the original machine "might" not be found.

Thank you for your time and consideration.

Best Answer

> All of these issues can be resolved by deploying a secondary domain controller

Full Stop. You should have at least two domain controllers available. Trust me. You really want at least two domain controllers. I think if you spend a bit of time reading about Active Directory design and how it works, you will see that multiple domain controllers should be your first priority in this situation.

CORRECTION: You should have at least two domain controllers available in a standard Windows Server domain. Windows Small Business Server and Windows Essentials have different requirements.


> I could install Windows Server 2012 as a secondary DNS (I think) in a VM and use that, but then it seems like I will be wasting time, and probably the Windows key too,

I assume when you say "a secondary DNS server" you mean creating another domain controller, as Active Directory and DNS are tightly coupled. In this case, I don't think it's a waste of time at all for the reason I previously mentioned. All you do is create a new virtual machine, add the Active Directory Services Role and wait for replication to finish. Pretty simple. You could even avoid purchasing another license key and just skate by on the evaluation period for the sake of your migration and then destroy the VM after you're finished.


I haven't done any work with Essentials so I'm hesitant to offer any more advice since it is sort of a different beast from the standard Windows Servers offerings, but you might be fine without a secondary DNS server for your Role migration.

However - I really would question any plan involving Active Directory where you have a single domain controller. For even the smallest of businesses, virtualization and "The Cloud" really lower the barrier of entry. There are fewer and fewer reasons these days to have a single standalone host running all your server roles.
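
The steps described in the answer above (new VM, add the AD DS role, wait for replication), followed by a check of the three Best Practices Analyzer conditions from the question, as an added example that is not part of the original question or answer. The domain name, IP addresses and adapter alias are placeholder assumptions, and `Test-DcDnsClientOrder` is a hypothetical helper name; it assumes a standard Windows Server 2012 VM as the temporary second domain controller.

```powershell
# Added example, not from the original post. Run in an elevated session.
# Assumed placeholder values: replace with your own.
$DomainName = 'corp.example.local'   # hypothetical AD DNS domain name
$ExistingDc = '192.168.1.10'         # hypothetical IP of the current (source) DC
$NewDc      = '192.168.1.11'         # hypothetical IP of the new DC
$Nic        = 'Ethernet'             # adapter alias as shown by Get-NetAdapter

# --- On the new VM: point DNS at the existing DC, add the role, promote ---
Set-DnsClientServerAddress -InterfaceAlias $Nic -ServerAddresses $ExistingDc
Install-WindowsFeature -Name AD-Domain-Services -IncludeManagementTools
Install-ADDSDomainController -DomainName $DomainName -InstallDns `
    -Credential (Get-Credential) `
    -SafeModeAdministratorPassword (Read-Host 'DSRM password' -AsSecureString)
# The server reboots here. Run the remaining sections after it is back up.

# --- On either DC: confirm replication finished without errors ---
repadmin /replsummary
Get-ADReplicationFailure -Target $DomainName -Scope Domain

# --- Helper: report the three BPA conditions for one adapter on a DC ---
function Test-DcDnsClientOrder {
    param([Parameter(Mandatory)][string]$InterfaceAlias)
    $servers = @((Get-DnsClientServerAddress -InterfaceAlias $InterfaceAlias `
                  -AddressFamily IPv4).ServerAddresses)
    [pscustomobject]@{
        Servers           = $servers -join ', '
        HasAlternate      = ($servers.Count -ge 2)
        IncludesLoopback  = ($servers -contains '127.0.0.1')
        LoopbackNotFirst  = (($servers.Count -gt 0) -and ($servers[0] -ne '127.0.0.1'))
        DomainControllers = @(Get-ADDomainController -Filter *).Count
    }
}

# --- On the source DC: partner DC first, loopback second, then re-check ---
Set-DnsClientServerAddress -InterfaceAlias $Nic -ServerAddresses $NewDc, '127.0.0.1'
Test-DcDnsClientOrder -InterfaceAlias $Nic
```

On the new domain controller, apply the same ordering with `$ExistingDc` as the first entry. All three boolean fields should read `True` and `DomainControllers` should be at least 2 before re-running the Best Practices Analyzer.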