Sunday, May 20, 2012

Joining 2 or more virtual machines to a domain

If you have ever had to build distributed architecture test environments (such as for Team Foundation Server or SharePoint), there is a good chance that you have to join one or more machines to a domain to get everything to work properly.

I most frequently use VMWare Workstation so the basic guide I have provided here will work best with VMWare Workstation or VMWare Player, but it should apply similarly to other virtualization products as well.

  1. If you have not already done so, build a primary virtual machine that will act as the domain controller.  This machine should have a static IP address and should be configured to be its own DNS Server.  If you are building this virtual machine on a home network, I would recommend using blocking out a set of IP addresses from your router that will not be used as part of the DHCP range on your LAN.
  2. Once you have that initial domain controller virtual machine, you can now configure your secondary virtual machine.  Before you attempt to join it to the domain, make sure you set the Primary DNS IP Address for the secondary virtual machine to point to the Domain Controller's IP Address.  For example, if your Domain Controller is configured with an IP Address of 192.168.0.10, then your secondary virtual machine should be configured with an IP Address of 192.168.0.11 and a Primary DNS Server Address of 192.168.0.10.  
  3. Once you have configured the appropriate IP address configuration for your secondary virtual machine, you should now be able to join it to the domain.  When you are prompted for credentials to join it to the domain, you need to be sure that you enter credentials of a user that has Domain Admin privileges.
  4. If the secondary member server is joined to the domain successfully, you are on your way!! You can follow this same procedure for any additional servers that you need to join to the domain.  
  5. If you are having trouble testing communication between the domain servers (such as by using telnet), you may have to configure the Windows Firewall for Domain Networks.  NOTE: When you join machines to a domain, the Windows Firewall will automatically be enabled for Domain Networks.

If you are attempting to run your virtual machines on a corporate network and you know that Bridged or NAT network configurations will not work (due to Corporate Administrative Group Policies on your host machine), then since you cannot connect your virtual machines to the Internet, you can create a custom virtual network.

  1. From the Edit menu, select Virtual Network Editor
  2. Click on the Add Network button to create a new virtual network
  3. From the drop down list, select a virtual network to Add and click the OK button
  4. Once you are able to view the Virtual Network Editor screen, enter the subnet and DHCP settings
  5. When you have completed entering all of your settings, click on the OK button
  6. Now, when you go back into your virtual machines, you need to edit your existing Network Adapter and select your newly created Virtual Network and click the OK button.
  7. Once you have edited the Network Adapters for all of your virtual machines, you can power on the virtual machines.
  8. If you wish to assign static IP addresses to your virtual machines, you can assign them statically as long as they exist within the range of DHCP IP addresses available for your custom network.  
  9. Once you have assigned a static IP address to your domain controller, you can use this IP address as the Primary DNS IP address in all of your subsequent virtual machines.
  10. Once the network settings have been configured, you should be able to join your remaining machines to the domain.  
  11. If the secondary member server is joined to the domain successfully, you are on your way!! You can follow this same procedure for any additional servers that you need to join to the domain.  
  12. If you are having trouble testing communication between the domain servers (such as by using telnet), you may have to configure the Windows Firewall for Domain Networks.  NOTE: When you join machines to a domain, the Windows Firewall will automatically be enabled for Domain Networks.








No comments:

Post a Comment