Virtualize your Windows Server 2012 domain controllers
For years, administrators have been warned about the dangers of running virtualized domain controllers. Although virtualizing domain controllers is a fully supported activity, certain hypervisor-related functions introduce issues that can be catastrophic to the domain. For example choosing to use snapshots and then actually reverting a domain controller back to a snapshot can wreak havoc in the domain. This has to do with the way that Active Directory handles update sequence numbers (USNs). When a snapshot is applied, the USN gets out sequence and updates are applied incorrectly, thus potentially corrupting the Active Directory environment.
The inability to use snapshots and other hypervisor functionality is a shame since it eliminates many of the management functions that can be enjoyed by so many other services.
With Windows Server 2012, all of that is about to change. With the 2012 release, domain controllers running in a virtual environment use a new identifier known as the VM-GenerationID. The VM-GenerationID is a method by which domain controllers can understand when they’ve been cloned or recovered from a snapshot.
There is still one matter to consider: At present, only Hyper-V 2012 supports this capability, but Microsoft is working with other hypervisor vendors to get it implemented in competing products.