VMGeneration ID, a new VM “attribute” introduced in Windows Server 2012, is a 64 bit integer tied to a VM configuration. It allows applications running in a VM to detect any time shift event occured. Time shift event in the sense any mechanism that can change the present time of a VM, forward or backward. This time shift can be due to any of the following process:
- Application of a snapshot
- Importing a VM
- Restore of a backup taken earlier
The VMGeneration ID is initially stored on the domain controller’s computer object in its database. Windows driver inside the VM tracks this id independently. Whenever a time shift event occurs, the current value of VMGeneration ID from the VM driver is compared against the value in the database and if a mismatch found, then the invocationID is resetted and the RID pool is discarded. This checking is also done when the DC is rebooted.
To use the VMGeneration ID from the virtual machine, it must be running on a hypervisor that supports VMGeneration Identifiers. Also, it is a must that the guest os should support this.
We will take a single concept in two different scenarios for understanding what this VMGeneration ID does.
Consider an AD server creating a checkpoint and then later on applying that checkpoint to revert the changes done in a Windows Server 2008 or earlier OS scenario:
As shown applying a checkpoint results in loss of updates between 201-350 and the DC2 gets the value from 350 only at the time of next replication.
Consider the same scenario in Windows server 2012. Here is where the VMGeneration ID comes into play.
If any change happens to a VM that correspond to a change in VM’s time in any manner, the hypervisor will change the VM Generation ID of that VM. This change in VM allows applications to compare their cached value of VM Generation ID to the actual value and if it doesn’t match, then the application knows something has happened to that VM.
Here in our scenario, the hypervisor resets the invocation ID and updates the VMGeneration ID to match the new value. This ensures that the replication converges for both DC’s. Eventhough now we have a mechanism to solve the replication issue in the case of a checkpoint application, it is not recommended to use checkpoint as an alternative mechanism to backup.
Now, are you a VMWare administrator and want to find out whether your hypervisor supports this. Check out here.
*Thanks to Microsoft official technet site for the images