Solved

Create 2003 AD replica test lab on virtual servers / different hardware

Posted on 2006-07-07
4
571 Views
Last Modified: 2013-11-15
Problem: I need to merge 2 forests GAL’s using Microsoft Identity Integration server, this needs to be done in a test lab first.

Ok so I know I can import accounts and objects in to 2 replica forests using CSVDE but I really want all the full AD partitions to be there for a true representation. The tricky bit is the fact that I want to restore AD on to 2 virtual hosts, I can find documentation on how to restore to different hardware under Windows 2000 but nothing on 2003. Ideally I want all AD factors to be as close to the production systems as possible.
0
Comment
Question by:micror
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 85

Accepted Solution

by:
oBdA earned 180 total points
ID: 17061564
Create the VM with all necessary services while it has network access to your production domain.
dcpromo it. Wait for replication.
Switch the VM to an internal network on the VM, do NEVER EVER bring it back in contact with your production domain again!
Remove the VM from your AD:
How to remove data in Active Directory after an unsuccessful domain controller demotion
http://support.microsoft.com/?kbid=216498

Seize the FSMO roles on the VM:
How To View and Transfer FSMO Roles in Windows Server 2003
http://support.microsoft.com/?kbid=324801

Transfer the Licensing server to the VM:
In AD Sites and Services, right-click "License Server" in the right pane, choose Properties, and move it to the new server.

To be able to transfer files between the VM and your production network (apart from using iso images or CDs):
* Install the MS Loopback NIC as additional NIC on the virtual server, give it an address different from your normal subnet; disable NetBIOS over TCP/IP on this NIC. Change the IP address on the VM accordingly.
* Bind the VM's NIC (or the virtual switch if you're using one) to the Loopback NIC.
* Transfer the files to a folder on the VS, map this folder from the VM using the loopback NIC.
0
 
LVL 104

Assisted Solution

by:Sembee
Sembee earned 70 total points
ID: 17065394
I do this all the time.
The only variation I make to the process outlined above is that I COPY the Virtual Machine files to another location.
I then change the network configuration of the copy of the virtual machine to isolate it.
The original is then booted up and removed from the domain correctly using DCPROMO. Dropped in to a workgroup and then deleted.

All the warnings as above apply.

Simon.
0
 
LVL 1

Author Comment

by:micror
ID: 17072678
Cheers OBDA - i did think of that myself, but i dont really want to introduce another DC unless it is actually needed even with Sembee's suggestion of the clean removal, which i aslo thought of. I was thinking more along the lines of a backup / restore procedure.........
0
 
LVL 1

Author Comment

by:micror
ID: 17089027
Well i had to go down the suggested route in the end, the test GAL integration worked a charm - now onto the production stuff!
0

Featured Post

Migrating Your Company's PCs

To keep pace with competitors, businesses must keep employees productive, and that means providing them with the latest technology. This document provides the tips and tricks you need to help you migrate an outdated PC fleet to new desktops, laptops, and tablets.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Create your own, high-performance VM backup appliance by installing NAKIVO Backup & Replication directly onto a Synology NAS!
Workplace bullying has increased with the use of email and social media. Retain evidence of this with email archiving to protect your employees.
This tutorial will walk an individual through the process of installing the necessary services and then configuring a Windows Server 2012 system as an iSCSI target. To install the necessary roles, go to Server Manager, and select Add Roles and Featu…
This tutorial will walk an individual through setting the global and backup job media overwrite and protection periods in Backup Exec 2012. Log onto the Backup Exec Central Administration Server. Examine the services. If all or most of them are stop…

717 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question