Help with July 2013 Update Rollup Virtual AD Impact
Understand changes to Hyper-V virtualized domain controllers with July 2013 update.
August 5, 2013
Q: After I apply the July 2013 Windows Update Rollup that has a fix for Active Directory corruption when a Windows Server 2012 Hyper-V host crashes and virtual IDE is used, what actions should I take?
A: The best-practice guidance is to place the Active Directory (AD) database (NTDS.DIT)--and in fact any .JET database--on a virtual hard disk (VHD) connected to the virtual SCSI bus. This can provide IO guarantees and ensure write caching isn't used.
On a virtual IDE drive, when AD finds it can't disable write caching and issues I/Os with the FUA bit set (Force Unit Access, which means basically to write-through directly to disk and ignore caching), the FUA is ignored. This means database writes might be cached, and, during failures, data loss and corruption is possible. On Virtual SCSI, however, write caching can be disabled, which is why Virtual SCSI should be used.
The July 2013 Update Rollup includes a fix that allows Active Directory databases to run on virtual IDE connected drives. There is no manual action required. The fix now allows the FUA required to be honored, avoiding write cache and removing the chance of corruption.
About the Author
You May Also Like