Create 2003 AD replica test lab on virtual servers / different hardware

Posted on 2006-07-07
Last Modified: 2013-11-15
Problem: I need to merge 2 forests' GALs using Microsoft Identity Integration Server; this needs to be done in a test lab first.

OK, so I know I can import accounts and objects into 2 replica forests using CSVDE, but I really want all the full AD partitions to be there for a true representation. The tricky bit is the fact that I want to restore AD onto 2 virtual hosts; I can find documentation on how to restore to different hardware under Windows 2000 but nothing on 2003. Ideally I want all AD factors to be as close to the production systems as possible.
Question by:micror
Accepted Solution

by:
oBdA earned 720 total points
ID: 17061564
Create the VM with all necessary services while it has network access to your production domain.
dcpromo it. Wait for replication.
Switch the VM to an internal network on the VM; NEVER EVER bring it back in contact with your production domain again!
Remove the VM from your AD:
How to remove data in Active Directory after an unsuccessful domain controller demotion
http://support.microsoft.com/?kbid=216498

Seize the FSMO roles on the VM:
How To View and Transfer FSMO Roles in Windows Server 2003
http://support.microsoft.com/?kbid=324801

Transfer the Licensing server to the VM:
In AD Sites and Services, right-click "License Server" in the right pane, choose Properties, and move it to the new server.

To be able to transfer files between the VM and your production network (apart from using iso images or CDs):
* Install the MS Loopback NIC as an additional NIC on the virtual server, give it an address different from your normal subnet; disable NetBIOS over TCP/IP on this NIC. Change the IP address on the VM accordingly.
* Bind the VM's NIC (or the virtual switch if you're using one) to the Loopback NIC.
* Transfer the files to a folder on the VS, map this folder from the VM using the loopback NIC.
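
The isolation check and role seizure from the steps above, as an added example that is not part of the original answer: a batch file run on the lab VM that refuses to seize the FSMO roles while a production DC is still reachable. `LABDC01` and `PRODDC01` are hypothetical host names, and `netdom` is assumed to be installed from the Windows Server 2003 Support Tools.

```bat
@echo off
rem Added example, not from the original answer.
rem LABDC01 and PRODDC01 are hypothetical names; replace them with your own.
setlocal
set LAB_DC=LABDC01
set PROD_DC=PRODDC01

rem Safety gate: the VM must already be on the isolated internal network.
rem ping returns errorlevel 0 when it receives a reply, so a reply here
rem means the lab VM can still reach production and we must stop.
ping -n 2 %PROD_DC% >nul 2>&1
if not errorlevel 1 (
    echo %PROD_DC% still answers. Isolate the VM before seizing roles.
    exit /b 1
)

rem Seize all five FSMO roles on the lab DC. ntdsutil accepts its menu
rem commands as arguments; multi-word commands must be quoted.
rem ntdsutil first attempts a normal transfer and only seizes when the
rem current role holder cannot be contacted, and it asks for confirmation
rem before each seizure.
ntdsutil roles connections "connect to server %LAB_DC%" quit ^
    "seize schema master" ^
    "seize domain naming master" ^
    "seize infrastructure master" ^
    "seize PDC" ^
    "seize RID master" ^
    quit quit

rem Verify: every role should now list the lab DC as its owner.
netdom query fsmo
endlocal
```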
Assisted Solution

by:Sembee
Sembee earned 280 total points
ID: 17065394
I do this all the time.
The only variation I make to the process outlined above is that I COPY the Virtual Machine files to another location.
I then change the network configuration of the copy of the virtual machine to isolate it.
The original is then booted up and removed from the domain correctly using DCPROMO, dropped into a workgroup and then deleted.

All the warnings as above apply.

Simon.
Author Comment

by:micror
ID: 17072678
Cheers oBdA - I did think of that myself, but I don't really want to introduce another DC unless it is actually needed, even with Sembee's suggestion of the clean removal, which I also thought of. I was thinking more along the lines of a backup / restore procedure...
Author Comment

by:micror
ID: 17089027
Well, I had to go down the suggested route in the end; the test GAL integration worked a charm - now onto the production stuff!