Virtual machine hosts as domain controllers?

Should a host server be used as a domain controller? Ron Oglesby offers his thoughts in this expert response.

We are considering consolidating three servers into virtual servers. Are there any foreseeable problems with installing Windows Server 2008 as a domain controller, then installing virtual servers for Exchange, file services, and a Web server? We have Gigabit switches. The domain controller would be the host operating system, and we would have three virtual servers running Exchange, File, and Web. We have 250 users in a high school environment.

Generally the host server (the server you are talking about acting as a domain controller and supporting virtual machines [VMs]) should not be acting as a domain controller. From a purest perspective the host server for the VMs should be just that: a host for VMs. And since you are using Windows 2008 there is a much better way to ensure all the VMs get the best performance.

Instead of making the host a DC, you should probably look at using a server core installation and installing the HyperV option on this base install. This will provide the lowest possible resource utilization on the host and give the VMs the best chance to perform optimally.

Of course the drawback of using server core would be that you need an addition physical 2008 server to manage it, or you have to be proficient at WMI. If you don't want to go to server core and this is going to be your only physical server I would do a full/regular install of Windows, leave it in a workgroup, and run my domain members as VMs. It is a bit of a hassle managing a stand alone server, but if you made it a domain member and your only domain controllers were VMs you could have some issues upon reboots when none of the DCs are started when you reboot the host.

Long and short, your VM hosts should not be domain controllers when you can help it.

Dig Deeper on Virtual machine provisioning and configuration