Forum Discussion
Shepcon (Copper Contributor)
Jun 03, 2024
Azure Migration without VM Shutdown
We're in the process of shutting down the on-premises setup of our company environment running on VMware. We have a DC, SQL server, accounting server and a couple of terminal servers used for remote access. I have created the necessary Azure migration assessment and am ready to start the replication of the 1st batch of servers. Because we have a legacy custom SQL app, we must maintain standard Windows AD, so I'll be moving our DC virtual machine. Azure AD will not work, thus the need to migrate our on-prem DC.
My question is about replicating and copying our on-prem domain controller from VMware up to Azure but keeping it running following the replication migration up to Azure. I know the normal process of replication is to shut down the running on-prem VMs once the final delta replication has completed. However, I need to keep my on-prem AD environment running for about another month as I build the Azure environment in parallel. I understand that the two environments will not be in sync if new domain users are created, but this likely will not need to occur with the small size of the company. Basically, does the Azure migration process allow us to keep the migrated VMs running following the final replication sync? I'll do this replication during non-production hours so network activity will be zero.
Thanks for any suggestions or input.
Ken
6 Replies
You may consider creating a new DC in Azure and decommissioning the current on-prem one once the migration is completed.
- RabihSemaan (Copper Contributor)
Kidd_Ip hello,
As a preparation and prerequisite, a new DC will be created in Azure; therefore there will be a VNet with an address space, and it will have the same subnet as on-prem to keep the same IPs for the VMs.
But between on-prem and Azure we have an ExpressRoute or VPN, so we will have overlapping. How can we prevent this, since both will be running in parallel? I am curious to know if there is a possible solution. Thanks in advance.
- Ken_Shep (Copper Contributor)
Did you find a resolution for this? I agree that with the ExpressRoute active during Azure Migrate processing, the two (2) DCs would "see and talk" to each other. And with the IPs and FSMO roles likely conflicting, lots can go wrong. I migrated my DC to Azure but had to leave the original DC active on-prem for a variety of reasons. And now that I need to migrate a few remaining VMs from on-prem to Azure, I'm concerned that the ExpressRoute that's active during Azure Migrate will cause the two DCs with the same name, IP address and FSMO roles to "see" each other.
- RabihSemaan (Copper Contributor)
Hello,
For Active Directory, I suggest you create new domain controllers in Azure as IaaS and add them to your forest. Once all your workloads are migrated to Azure, you decommission the ADs on-prem. Configure the DNS on the VNets to point to the new domains in Azure.
- pksony88 (Copper Contributor)
When migrating your on-premises domain controller (DC) from VMware to Azure, you can indeed keep the VM running following the final replication sync. Here’s how it works:
- Incremental Replication:
  - During the migration process, Azure Migrate uses incremental replication. In this phase, data changes that have occurred since the beginning of the last completed replication cycle are replicated and written to the replica managed disks in Azure. This ensures that the replication stays in sync with any changes happening on the VM in your on-premises environment.
  - Essentially, Azure Migrate captures the delta changes and keeps the Azure VM up-to-date with the latest data.
- Postpone Final Migration:
  - If there are any errors during the test migration or user acceptance testing (UAT), you have the option to postpone the final migration.
  - By doing so, you can keep your source VM (the on-premises DC) running and replicating to Azure. Once you resolve the errors, you can reattempt the final migration.
  - This flexibility allows you to maintain your on-premises AD environment while building the Azure environment in parallel.
- Considerations:
  - As you mentioned, the two environments won’t be in sync for new domain users created during this period. However, given the small size of your company, this may not be a critical issue.
  - Make sure to plan your migration carefully, especially if you have any dependencies on the DC (such as applications relying on it).
In summary, Azure’s migration process does allow you to keep the migrated VM (domain controller) running following the final replication sync. You can proceed with confidence, knowing that your AD environment will remain operational during the transition. Good luck with your migration, and feel free to reach out if you have any further questions! 😊
"If my answer was helpful, please mark it as 'Accepted' to assist others."
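
Added example (not part of any reply in this thread): a pre-flight check for the concern raised above about an on-prem DC and its migrated copy both being reachable over ExpressRoute or VPN. It reports overlapping on-prem/VNet prefixes and any hostname or IP present on both sides; all prefixes, hostnames and IPs are constructed sample values, and the function names are hypothetical.

```python
import ipaddress

# Constructed sample values; replace with your own prefixes and inventory.
ONPREM_PREFIXES = ["10.10.1.0/24", "192.168.50.0/24"]
VNET_PREFIXES = ["10.10.0.0/16", "10.20.0.0/24"]
INVENTORY = [  # (hostname, side, ip)
    ("DC01", "onprem", "10.10.1.10"),
    ("DC01", "azure", "10.10.1.10"),   # migrated copy of the same DC
    ("SQL01", "onprem", "10.10.1.20"),
    ("TS01", "azure", "10.20.0.5"),
]

def find_overlaps(onprem, vnet):
    """Return (on-prem, VNet) prefix pairs whose address ranges overlap."""
    pairs = []
    for a in map(ipaddress.ip_network, onprem):
        for b in map(ipaddress.ip_network, vnet):
            if a.version == b.version and a.overlaps(b):
                pairs.append((str(a), str(b)))
    return pairs

def duplicate_identities(inventory):
    """Return hostnames and IPs that are present on both sides at once."""
    names, ips = {}, {}
    for host, side, ip in inventory:
        names.setdefault(host.lower(), set()).add(side)
        ips.setdefault(str(ipaddress.ip_address(ip)), set()).add(side)
    both = {"onprem", "azure"}
    return (sorted(n for n, s in names.items() if s == both),
            sorted(i for i, s in ips.items() if s == both))

if __name__ == "__main__":
    for a, b in find_overlaps(ONPREM_PREFIXES, VNET_PREFIXES):
        print(f"overlap: on-prem {a} <-> VNet {b}")
    dup_names, dup_ips = duplicate_identities(INVENTORY)
    print("hostnames on both sides:", dup_names)
    print("IPs on both sides:", dup_ips)
```

Any hit means the two sides should not be routed to each other until the duplicate is isolated or re-addressed.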