Domain controller cloning

Virtual domain controllers have been an available deployment option for quite some time. Windows Server 2012 makes the process of virtual deployment easier by enabling cloning. Deploying a new virtual domain controller with Windows Server 2012 no longer requires the use of sysprep.


Active Directory relies heavily on clock-based replication using an increasing number known as an Update Sequence Number (USN). Each domain controller within an organization has a unique identity known as an InvocationID. Combining the USN and the InvocationID creates an identifier that must be unique across the entire forest.


A new identifier called a VM-GenerationID, a feature added in Windows Server 2012, adds safeguards for virtually deployed domain controllers. The VM-GenerationID is stored in the msDS-GenerationID attribute in the domain controller’s computer object. If a virtual snapshot is used or rolled back, the VM-GenerationID is compared to the original value in the msDS-GenerationID and, if different, the InvocationID is reset.
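
The following Python model is an added example, not Microsoft's implementation or code from the original page. It simulates a snapshot rollback with and without the VM-GenerationID check described above. The class and function names, the sample data and the simplified per-InvocationID watermark kept by the replication partner are assumptions made for illustration.

```python
import copy
import uuid
from dataclasses import dataclass, field

@dataclass
class DomainController:
    hypervisor_gen_id: str      # VM-GenerationID currently exposed by the hypervisor
    stored_gen_id: str = ""     # models the value saved in msDS-GenerationID
    invocation_id: str = field(default_factory=lambda: str(uuid.uuid4()))
    usn: int = 0
    changes: list = field(default_factory=list)  # (InvocationID, USN, data)

    def __post_init__(self):
        self.stored_gen_id = self.stored_gen_id or self.hypervisor_gen_id

    def write(self, data):
        self.usn += 1
        self.changes.append((self.invocation_id, self.usn, data))

    def boot_check(self):
        """Reset the InvocationID if the VM-GenerationID changed; return True if reset."""
        if self.hypervisor_gen_id == self.stored_gen_id:
            return False
        self.invocation_id = str(uuid.uuid4())
        self.stored_gen_id = self.hypervisor_gen_id
        return True

class Partner:
    """Replication partner that remembers the highest USN seen per InvocationID."""
    def __init__(self):
        self.watermark, self.received = {}, []

    def pull(self, dc):
        for inv, usn, data in dc.changes:
            if usn > self.watermark.get(inv, 0):
                self.received.append(data)
                self.watermark[inv] = usn

def run_scenario(safeguard):
    dc, partner = DomainController(hypervisor_gen_id="gen-A"), Partner()
    dc.write("user-1")
    snapshot = copy.deepcopy(dc)          # snapshot taken at USN 1
    dc.write("user-2"); dc.write("user-3")
    partner.pull(dc)                      # partner has now seen USN 3
    dc = copy.deepcopy(snapshot)          # rollback: USN counter is back at 1
    dc.hypervisor_gen_id = "gen-B"        # hypervisor issues a new generation ID
    if safeguard:
        dc.boot_check()
    dc.write("user-4"); dc.write("user-5")  # reuses USN 2 and 3
    partner.pull(dc)
    return partner.received

if __name__ == "__main__":
    print("without check:", run_scenario(False))
    print("with check:   ", run_scenario(True))
```

Without the check, the partner silently skips user-4 and user-5 because it has already seen USN 2 and 3 from that InvocationID; with the reset, the same USNs arrive under a new InvocationID and are accepted.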


Virtualized domain controller cloning is helpful for rapidly deploying test environments or deploying to branch offices. Cloning is also helpful for scaling out when the resource capacity of the existing domain controllers is reached.