Microsoft has just posted a Knowledge Base or support article, covering Windows Server 2003, Windows Server 2008, Windows Server 2008 R2, and Windows Server 2012 Failover Clustering, that describes how to enable Active Directory and use Failover Cluster nodes as domain controllers.
Doing this should be a last resort. It falls into my “don’t do it because you can” rule. For example, I can jump off of a cliff but I choose not to do so because I like breathing and the results that gives me.
There are some notes in the article:
- Doing this is not supported on Exchange nodes
- This is not supported for SQL Server nodes
- Hyper-V recommends not to run roles other than Hyper-V in the Management OS (the article mistakenly calls it the parent partition)
- And the list goes on and on and on …
The fact that this list of notes is so long should indicate to you that implementing this configuration is bad. I personally think Microsoft shouldn’t support it because there are too many morons out there who will do it, break it, and screw up their employers/customers. If you’ve read this, ignored my advice, and call me for help, I will laugh in your face or down the phone at you.
Save this configuration for the lab only. That’s not the official line from Microsoft, but that’s my line. Actually, read the list of notes in the article and you’ll see:
It is not supported to combine the Active Directory Domain Services role and the Failover Cluster feature on Windows Server 2012.
If you want to save money and not have additional physical domain controllers, then use Windows Server 2012 Hyper-V to take advantage of cluster bootstrapping. This will allow you to run virtual DCs. I’d consider running at least 2 virtual DCs, 1 being HA, and the other not.