Solved

Create 2003 AD replica test lab on virtual servers / different hardware

Posted on 2006-07-07
4
561 Views
Last Modified: 2013-11-15
Problem: I need to merge 2 forests GAL’s using Microsoft Identity Integration server, this needs to be done in a test lab first.

Ok so I know I can import accounts and objects in to 2 replica forests using CSVDE but I really want all the full AD partitions to be there for a true representation. The tricky bit is the fact that I want to restore AD on to 2 virtual hosts, I can find documentation on how to restore to different hardware under Windows 2000 but nothing on 2003. Ideally I want all AD factors to be as close to the production systems as possible.
0
Comment
Question by:micror
  • 2
4 Comments
 
LVL 83

Accepted Solution

by:
oBdA earned 180 total points
ID: 17061564
Create the VM with all necessary services while it has network access to your production domain.
dcpromo it. Wait for replication.
Switch the VM to an internal network on the VM, do NEVER EVER bring it back in contact with your production domain again!
Remove the VM from your AD:
How to remove data in Active Directory after an unsuccessful domain controller demotion
http://support.microsoft.com/?kbid=216498

Seize the FSMO roles on the VM:
How To View and Transfer FSMO Roles in Windows Server 2003
http://support.microsoft.com/?kbid=324801

Transfer the Licensing server to the VM:
In AD Sites and Services, right-click "License Server" in the right pane, choose Properties, and move it to the new server.

To be able to transfer files between the VM and your production network (apart from using iso images or CDs):
* Install the MS Loopback NIC as additional NIC on the virtual server, give it an address different from your normal subnet; disable NetBIOS over TCP/IP on this NIC. Change the IP address on the VM accordingly.
* Bind the VM's NIC (or the virtual switch if you're using one) to the Loopback NIC.
* Transfer the files to a folder on the VS, map this folder from the VM using the loopback NIC.
0
 
LVL 104

Assisted Solution

by:Sembee
Sembee earned 70 total points
ID: 17065394
I do this all the time.
The only variation I make to the process outlined above is that I COPY the Virtual Machine files to another location.
I then change the network configuration of the copy of the virtual machine to isolate it.
The original is then booted up and removed from the domain correctly using DCPROMO. Dropped in to a workgroup and then deleted.

All the warnings as above apply.

Simon.
0
 
LVL 1

Author Comment

by:micror
ID: 17072678
Cheers OBDA - i did think of that myself, but i dont really want to introduce another DC unless it is actually needed even with Sembee's suggestion of the clean removal, which i aslo thought of. I was thinking more along the lines of a backup / restore procedure.........
0
 
LVL 1

Author Comment

by:micror
ID: 17089027
Well i had to go down the suggested route in the end, the test GAL integration worked a charm - now onto the production stuff!
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

A Bare Metal Image backup allows for the restore of an entire system to a similar or dissimilar hardware. They are highly useful for migrations and disaster recovery. Bare Metal Image backups support Full and Incremental backups. Differential backup…
The Delta outage: 650 cancelled flights, more than 1200 delayed flights, thousands of frustrated customers, tens of millions of dollars in damages – plus untold reputational damage to one of the world’s most trusted airlines. All due to a catastroph…
This tutorial will show how to configure a single USB drive with a separate folder for each day of the week. This will allow each of the backups to be kept separate preventing the previous day’s backup from being overwritten. The USB drive must be s…
This tutorial will walk an individual through setting the global and backup job media overwrite and protection periods in Backup Exec 2012. Log onto the Backup Exec Central Administration Server. Examine the services. If all or most of them are stop…

867 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now