- Active Directory Administration Cookbook
- Sander Berkouwer
- 184字
- 2021-06-24 14:42:22
How it works...
For both these platforms, it is important to have the integration components/VMware Tools installed on the virtual domain controllers.
It's tempting to think that disabling the Synchronize guest time with host options in the integration components/VMware Tools keeps virtual domain controllers from synchronizing time with the virtualization host on which they run. Even if the option is disabled, a virtual domain controller will synchronize its time when you do the following:
- Suspend it, the next time you resume it.
- Migrate the virtual domain controller using vMotion or live migration.
- Take a snapshot.
- Restore to a snapshot.
- Shrink the virtual disk.
- Restart the VMware Tools service.
- Reboot the virtual domain controller.
When the virtual domain controller happens to run on a virtualization host with incorrect time settings, the domain controller picks up the wrong time and will share this wrong time with other servers, networking appliances, and client devices. When users rely on these servers or devices to access resources that have the correct time, the authentication to these resources might fail because of the time difference.