Protecting DCs as Virtual Machines

When a server is created as a VM instead of being installed on a physical computer, it becomes nothing more than a set of files on a disk because the disk drives for the computer are hosted in virtual hard drives. DCs running both AD DS and DNS are ideal candidates for virtualization on either Microsoft Virtual Server R2 or on Hyper-V because they focus on providing a single, network-oriented service. When a machine is virtual, it becomes much easier to protect it, restore it, and otherwise manipulate it.

Use the buttons below to navigate through the lesson


If the server has a full system failure, just go back to an earlier version of the virtual machine and boot it up. In the case of a DC, multimaster replication will then automatically take care of the rest and bring it up to date. This is by far the most powerful business continuity scenario for DCs.

In addition, virtual machine protection is greatly facilitated by a single Windows Server 2008 feature: the Volume Shadow Copy Service (VSS). When configured, VSS automatically takes snapshots of the contents of a disk drive at regular intervals. If anything untoward occurs to any file on the disk drive, you simply rely on Previous Versions a tab that appears in the Properties dialog box of any file or folder to restore an older version of the file or folder quickly. Previous versions are enabled by default on Windows Server 2008 and Windows Vista.

On a virtual machine, you restore the virtual hard drives that make up the machine from a previous time or date, and your machine is back up and running. Overall, this procedure takes about five minutes. No other backup and restore scenario can compete with VSS and VMs.

VSS should be enabled on host servers that maintain and run the virtual machines in your data center.

VSS can be added to either the full installation or Server Core.

It takes about 10 minutes to enable VSS on any server; however, you must be prepared and have the proper disk structure.

For example, a host system running Hyper-V should have at least three disk volumes:

  • Drive C should be the system and boot drive and should host the Hyper-V role.
  • Drive D should be the data drive that hosts the virtual machines. This drive should normally be stored on some form of shared storage to support continuity for the VMs it hosts.
  • Drive E should be configured to host the VSS snapshots that will be created on an ongoing basis. Each VSS snapshot is 100 MB in size because it captures only disk pointers and not the entire disk structure. You can store up to 512 snapshots at a time. When you
    reach this maximum, VSS will automatically overwrite the oldest snapshots. Size this disk accordingly.

To configure VSS log on to your server and open my computer;-

  • Right click the volume to be enabled.
  • Select Properties.
  • Select Shadow Copies.
  • Highlight the volume and select Settings.
  • Here you can set the size limit.
  • Click Schedule.
  • From the drop down list select At 12.00. These default schedules can be altered to meet your requirements.
  • Click OK.
  • Click OK.
  • Click Create Now, to create the first copy.
  • First copy has been created,
  • Select the Previous Versions tab.
  • In the Previous Versions tab any volume shadow copy may be Opened, Copied or Restored.
  • Click OK to close the dialogue box.
  • Close My Computer.

You can also perform this operation through the command line. If your host servers are running Server Core as they should be to minimize host server CPU overhead you will need to perform this operation either remotely or through the command line. Use the following commands:

vssadmin add shadowstorage /for=d: /on=e: /maxsize=6000mb
vssadmin create shadow /for=d:
vssadmin list shadowstorage
vssadmin list shadows

The first command sets up the shadow copies according to the default schedule. The second creates the first shadow copy. The next two list the associations and then available shadow copies. Shadow copy schedules are scheduled tasks. To control the scheduled task and modify its schedule, rely on the Schtasks.exe command or use the Task Scheduler remotely in the Computer Management console.

To access previous versions of a file or a folder, open Windows Explorer, connect to a shared folder, in this case the default share created by the system, D$, and locate either the file or, if the file is gone, the folder in which it was stored; right-click it to select Properties, move to the Previous Versions tab, select the version you need, and click Restore. Close the Properties dialog box. You can also copy and compare files.