Updates from QA Training

Windows Server 2012 Safe Domain Controller Snapshotting

With Windows Server 2012 Microsoft have introduced technologies they are branding as Safe Virtualization features. These features revolve around Domain Controllers (DC) and include being able to clone a DC and rolling a DC back to a snapshot safely.


Paul Gregory | 29 October 2012

With Windows Server 2012 Microsoft have introduced technologies they are branding as Safe Virtualization features. These features revolve around Domain Controllers (DC) and include being able to clone a DC and rolling a DC back to a snapshot safely.

DC cloning can be read about here.

First and foremost I think it is important so state that I would not recommend snapshotting a Domain Controller the same as any database based service.  My recommendations would always be to have the correct testing facilities and recovery processes and practices in place. I also understand some organisations like to have as many get out of jail options as possible and therefore might also wish to use DC snapshotting as an option when performing high risk operations like applying service packs.

DC snapshotting only works with Windows Server 2012 DC's and hypervisors which support the VM GenerationID attribute, these include Hyper-V3.0 and ESX 5.1, I am sure all vendors will enable these features very soon.  When a DC starts for the first time and it detects that it is running as a virtual machine and it queries the hypervisor for the VM GenerationID and stores this as an attribute with the computer object within Active Directory for the DC.  While everything is all fine the ID does not change. 

If during the life of the VM a snapshot is taken and the VM is rolled back to the snapshot the Hypervisor will change the VM GenerationID presented to the VM.  When Active Directory starts on the VM it will query for the VM GenerationID and detect that it has changed at this point the DC will delete its RID pool (so it cannot create objects with duplicate ID's) the DC will be reset its Invocation ID and will enter recovery mode (just like a Non-Authorative restore) and will receive objects from its partner DC's to roll is database forward.  Once complete the DC will continue as normal.  Within Event Viewer you can see the VM GenerationID events being raised and there the detection of a snapshot being applied.

Please watch this video to see this feature in action, or attend a training course on Windows Server 2012  @QATraining


QA Training | Paul Gregory

Paul Gregory

Head of Microsoft Infrastructure

A Microsoft Certified Trainer since 1995, Paul has worked both for and with some of the world's leading IT Services organisations – including Unisys, Dell and Microsoft during the Microsoft Windows (TAP) Technology Adoption Programme. Paul specializes in delivering training around the Windows Operating system as well infrastructure and management solutions around System Center going right back to SMS 1.0. Paul is a frequent visitor to Microsoft's Global Headquarters in Seattle to attend early product workshops and for many years has delivered training courses around the world on behalf of Microsoft. In addition to being actively involved in Microsoft's Windows TAP programme, Paul has recently delivered both Microsoft's Private Cloud 2012 readiness training to partners in the UK and was a member of the Microsoft global training team delivering Windows Server 2012 early adopter training. During recent years Microsoft has requested Paul to deliver System Center training at both Redmond and The South American head office to Microsoft Partners.
Talk to our learning experts

Talk to our team of learning experts

Every business has different learning needs. QA has over 30 years of experience in combining the highest quality training with the most comprehensive range of learning services, ensuring the very best fit for your organisation.

Get in touch with our learning experts to talk about how we can help.