-

⇚============================================================================================================================⇛

Time Configuration for a Virtualized Domain Controllers
Today we will talk about some of the features of time configuration on a virtualized domain controllers. Typically, the time synchronization scheme in the Active Directory domain is as follows:
  • The PDC emulator is the main time source on the domain and must be configured to synchronize time with the external time source;
  • All other domain controllers are synchronized with the controller that owns the PDC emulator role;
  • All member servers and workstations synchronize their time with the nearest domain controller.
Tip. For more information about configuring NTP time in a domain, see the article Configure NTP Time Sync using Group Policy.
For example, this is how the time settings look on our virtual domain controller. As you can see, it uses group policies to configure time setting and synchronize time with the external source pool.ntp.org.
However, if you check the current time source (w32tm /query /source), you can find it unexpectedly, because you can see a strange time source named VM IC Time Synchronization Provider.









The fact is that Hyper-V virtual machines synchronize their time with the host by default, and regardless of the settings of the time service inside the machine. As a result, it can turn out to be a rather strange situation when the Hyper-V host is a member of the domain and synchronizes time with the domain controller, which in turn is a virtual machine and synchronized with the host (Recursion?).
In order to avoid this, you must disable time synchronization with the host for virtual domain controllers. There are two ways to do this.
The first way is to disable time synchronization in VM properties. To do this, open the properties of the virtual machine in the Hyper-V Manager snap-in, go to the Integration Services section and check off Time synchronization.



The same can be done using the PowerShell console on the Hyper-V server. For example, with this command, get the service status for the VM:
Get-VMIntegrationService -VMName dc1 -Name ‘Time synchronization’
The following command will disable time synchronization:
Get-VMIntegrationService -VMName dc1 -Name ‘Time synchronization’ | Disable-VMIntegrationService
If you are using VMWare ESXi as the virtualization host, you can disable the time synchronization with the host in the virtual machine settings.
VM->Edit Settings -> VM Options tab -> Check off Synchronize guest time with host.
The second way is to edit the registry inside the guest virtual machine with ADDS role. To disable synchronization, run Regedit.exe, go to branch HKLM\SYSTEM\CurrentControlSet\Services\W32Time\TimeProviders\VMICTimeProvider and change the value for the Enabled parameter to 0.

The same setting can be made from the Command Prompt by running the command:
reg add HKLM\SYSTEM\CurrentControlSet\Services\W32Time\TimeProviders\VMICTimeProvider /v Enabled /t reg_dword /d 0
In addition, it is desirable to make the following settings:
  1. Change the NTP server polling period:
reg add HKLM\SYSTEM\CurrentControlSet\Services\W32Time\TimeProviders\NtpClient  /v SpecialPollInterval /t reg_dword /d 900
  1. Configure the correct response of the time service to a non-standard time change of more than 52 hours
reg add HKLM\SYSTEM\CurrentControlSet\Services\W32Time\Config /v MaxNegPhaseCorrection /t reg_dword   0xFFFFFFFF

reg add HKLM\SYSTEM\CurrentControlSet\Services\W32Time\Config /v MaxPosPhaseCorrection /t reg_dword /d  0xFFFFFFFF
After disabling synchronization by any of the described methods, it is necessary to restart the time service, this will reset it to a new source. On a domain controller with the PDC-emulator role, you must restart the w32time service and run the synchronization:
net stop w32time

net start w32time
 w32tm /resync /force
On all other AD domain controllers, you need to additionally execute the command:
w32tm/config /syncfromflags:DOMHIER /update
This will cause the Time Service to select the PDC emulator as the source according to the domain hierarchy. In this way, we will configure the correct time synchronization scheme in the domain.


⇚============================================================================================================================⇛

Step by Step Guide to Implementing a TWO NODE Failover Cluster – Part 02

As I have demonstrated how we prepare Cluster nodes for a two node failover cluster, in this post let’s have a look at how we can use Cluster Validation Tool to generate a report. I will be using Windows Server 2008 for this demonstration and before moving any further let’s have a look at what tests are performed using Cluster Validation Tool.
Cluster Validation tool is a wizard found on Failover Cluster Management Console. Following tests are carried out when you perform cluster Validation Tool
· Inventory Validation
· Network Validation
· Storage Validation
· System Configuration
We will look at what are exact components or sub-tests that takes place during validation testing in another post.
First we need to go to administrative tools and then open Failover Cluster Management Console

After selecting Failover Cluster Management option, it will open Failover Cluster Management Console
We can right click on Failover Cluster Management and then select “Validate a configuration” option to initiate Cluster validation wizard 



As you can see below, first screen provides us with a description relating to Cluster validation wizard.


Next we need to add what are the NODEs which we need to validate.

I will add my Cluster NODE01 and Cluster NODE02

After I select both NODEs, it gets added to my Cluster validation wizard

Next, we need to decide, whether are running all tests, or whether we are going to run a selective test. For this demonstration, I will be running all tests to validate NODE01 and NODE02


Next we have a confirmation summary screen. We can review what are the tests which will be performed against NODE01 and NODE02

After I select next, validation wizard will start validation my cluster configuration


once this is completed, it’s possible for us to view a report

We can open this report as a web page and we can see results.

In my next post, we will create a cluster and let’s see how we can configure it

⇚============================================================================================================================⇛



Step by Step Guide to Implementing a TWO NODE Failover Cluster – Part 01

In this blog post I will be demonstrating how we can create a TWO NODE failover cluster using Windows Server 2008 Failover cluster capabilities. First part of my blog post will contain information on how we can prepare both nodes before creating a cluster.
First we need to look at basic requirements which need to prepare a Failover Cluster.
  • Make storage available to all nodes
  • Configure Network adapters on all nodes
  • Cluster components to be “Certified for Windows Server 2008”
I have configured two networks for Public network and also Private Network.
Let’s look at Public and Private network configuration
Public Adapter -> we configure with IP Address, Subnet Mask ,Default Gateway and DNS
Public Adapter -> I will only provide IP Address and Subnet Mask

Next let’s proceed and configure Storage Connectivity. I will be connecting to my storage using the build-in iSCSI initiator

After selecting iSCSI Initiator, first it will prompt you to start iSCSI service, which is set to start manually by default on Windows Server 2008 / Windows Server 2008 R2.
After that we need to allow iSCSI to communicate through Windows Firewall. This will be automatically configured for you when you select Yes
After this step, you will find iSCSI initiator properties.


























Navigate to discovery tab and select “Add Portal” option for us to connect with our shared storage
We need to provide with an IP Address or DNS name for iSCSI target












Once we enter required information, we can proceed



























Next we need to navigate to Targets TAB which will allow us to connect with the storage. Select Log on option
We need to allow following options when connecting with the storage
– Automatically restore this connection the computer starts







After completing this step, we have now successfully configured our storage connectivity.












Let’s go ahead and prepare disks using DISK Management utility












After accessing DISK management console, we can notice that there’s a new DISK added .











We need to right click on the DISK and bring it ONLINE

After we bring this DISK online, we can then go ahead and initialize this disk









We need to select which disk, we need to initialize so that it can be access by Logical Disk Manager. We will configure this disk as a MBR style partition disk
















Now that we can access this disk, we will go ahead and create a volume
















In this window, we will be specifying the size of the disk










Next we need to select a drive letter










Next, we need to change the volume label, and also select “Perform a quick format” option











Now that we have already configured, it’s possible for us to view this disk from Disk Management console







Now let’s move to NODE 02, on NODE 02 we need to bring DISK 1 online, which we have already configured on NODE 01

After refreshing disk management console, we can see that it’s no more in unallocated state, so we only need to bring it online now








Since we have completed configuring both disks, Next we will proceed and run validation using Failover Cluster Management console. Before proceeding, we need to go to Server Manager on both servers and install Failover Clustering which is located under features section.
In my next blog post I will publish how we can run Failover Cluster Validation Tool and validate configuration.

⇚============================================================================================================================⇛

Might be start of new vision from this......



Comments

  1. Nitin MhalimMarch 1, 2012 at 9:37 PM

    Since 2009, have not updated my status....but m quite free look my blog again...will updated information soon..

    ReplyDelete
  2. AnonymousMay 19, 2018 at 10:14 PM

    This comment has been removed by a blog administrator.

    ReplyDelete
    Replies
    1. AnonymousMay 19, 2018 at 10:16 PM

      Thanks for your wonderful blog!!

      Delete
    2. Nitin MhalimMay 19, 2018 at 10:19 PM

      Thanks for apreciating! I am making my techonolgy skill/knowledge available to my friend who are very eager to make themself expert in their experience.

      Delete
    3. Nitin MhalimMay 19, 2018 at 10:20 PM

      I am coming with more userful technology article. Please review this site frequenctly.

      Delete

Post a Comment

Popular posts from this blog

esxi-host-shows-disconnected-vmware

-
Symptom: The host and VMs in a vcenter server appears to be disconnected. Issue: The host and its corresponding vms could appear as disconnected due to issue with any of the following services. vpxa - a service which runs in the esxi host. This service communicates with vcenter server. hostd - core service which runs in the esxi host vpxd - a service which runs in the vcenter server which communicates with the vpxa Resolution: 1. Try to ping the ESXi host. This ensures that the host is reachable 2. Ensure you can login to the VMs remotely. This ensures that VMs in the host are working fine. 3. Try to login to the ESXi host using vsphere client. This ensures that the hostd services are running perfectly. If this step fails, restart the hostd service using putty. 4. If the above three steps worked fine for you, the issue would be with the vpxa or vpxd service. In that case, first try to restart the vpxa service in the host and if that didnot resol
Read more

ESXi : Lost uplink redundancy on virtual switch "vSwitch0". Physical NIC vmnic0 is down

-
We had an issue suddenly getting an alert : Lost uplink redundancy on virtual switch "vSwitch0". Physical NIC vmnic0 is down. Affected portgroups:"vMotion", "Management Network". So as a troubleshooting Select the ESXi host effected Click on Configuration, Select Networking, Click on vSwitch0 Properties,Click on Network adapters Select on vmnic0, Click on remove, Click on Close Again Select Networking, Click on vSwitch0 Properties,Click on Network adapters, Click on Add, Select the vmnic0, Click on Next, Click on Next, Click on Finish Now Click on Ports tab of vSwitch Properties, Select on vMotion, Click on Edit, Click on NIC Teaming, Select on vmnic1, Click on Moveup button  to Active Adapters, Select on vmnic0, Click on Move Down to Standby Adapters, Click on OK Now Click on Ports tab of vSwitch Properties, Select on Management Network, Click on Edit, Click on NIC Teaming, Select on vmnic1, Click on Moveup button  to Active Adapters, Select o
Read more

Virtual machines appear as invalid or orphaned in vCenter Server

-
Symptoms Virtual Machines show as invalid or orphaned in vCenter Server Virtual Machines show as invalid or orphaned after a VMware High Availability (VMware HA) host failure occurs Virtual Machines show as invalid or orphaned after an ESX host comes out of maintenance mode Virtual Machines show as invalid or orphaned after a failed DRS migration Virtual Machines show as invalid or orphaned after a storage failure Virtual Machines show as invalid or orphaned after the connection is lost between the vCenter Server and the host where the virtual machine resides You see one or more of these errors when trying to start a virtual machine: Could not power VM, no swap file, failed to power on VM. VMControl error -11: No such virtual machine. A general system error occurred. The system returned on error. Communication with the virtual machine may have been interrupted In   C:\ProgramData\VMware\VMware VirtualCenter\Logs\vpxd.log   file, you see entries similar to: [11916 error
Read more