One of the new features in Active Directory Domain Services in Windows Server 2012 is Virtualization-safe(r) Active Directory. This feature makes it easier and safer to deploy and manage virtual Domain Controllers through the VM-GenerationID capability of the hypervisor platform.
Hypervisor platforms like Hyper-V (in Windows Server 2012 and Hyper-V Server 2012 and up) and vSphere (5.0 U4+ and 5.1+) support this feature, but not all environments run these hypervisors and thus virtualized Active Directory environments still run the risk of Lingering Objects and USN Rollback due to Hypervisor-level changes.
You can see the full list of VM-GenerationID-capable hypervisor platforms in this continually updated blogpost.
Last week, Citrix released a new version of XenServer. With Jersey number 6.2 (or full: 6.2.0-70446c), it is the successor to the XenServer 6.1 product, popular with many early service providers.
While Citrix makes a lot of noise for XenServer 6.2 being fully open source and detailing a lot of new features, new per socket licensing and performance metrics, not a word is mentioned on the feature I was looking for, after failing to find it in a fully patched XenServer 6.1 (full: 6.1.0-59235p) installation.
So, I decided to install XenServer 6.2. After installation and configuration of XenCenter, I created a new virtual machine with Windows Server 2012. After the installation I installed the XenTools to the virtual machine and rebooted it. I, then, logged on again and opened up Device Manager (devmgmt.msc):
As you can see in the screenshot above, Citrix has enabled the VM-GenerationID code in their XenServer hypervisor, enabling Active Directory admins to more safely virtualize their Domain Controllers and cloning their Domain Controllers on it.
Welcome to the VM-GenerationID-capable Hypervisor family, guys!
I haven’t checked any of the behavior outlined in the VM-GenerationID Whitepaper yet, so your mileage as an Active Directory admin may vary.
New features in AD DS in Windows Server 2012, Part 12: Virtualization-safe Active Directory
New features in AD DS in Windows Server 2012, Part 13: Domain Controller Cloning
List of Hypervisors supporting VM-GenerationID