?
Solved

How can I use VMWare Server to swap Domain Controllers without downtime?

Posted on 2008-10-22
12
Medium Priority
?
394 Views
Last Modified: 2009-04-02
I realize what I'm about to ask is pretty difficult but I'm hoping somebody on this site will be able to help me out.

What I'm trying to do is this:

I'm trying to find a way to put VMWare Server with Server 2003 on a system, backup all of their domain information up onto that from the server it is hosted on, and them be able to export that to another server to swap in with minimal downtime.

I realize there are a lot of permission issues and what not with doing that but I'm confident that it is somehow possible. Does anybody on here have experience with doing this? If so, can you provide instructions as to how I can accomplish this?


Thanks in advance.
0
Comment
Question by:SysAdminWVU
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
12 Comments
 
LVL 5

Expert Comment

by:belowzerotech
ID: 22782098
I believe VMWare offers a program to image a current active server into a VMWare image that can be used in ESX or one of their other infrastructure programs called VMware converter. Might want to look into that.  
0
 
LVL 1

Author Comment

by:SysAdminWVU
ID: 22782143
I don't want to directly image the server. This is a hypothetical situation I'm working with for a solution at my company. If there is a problem with our software and database, I'd like to be able to export all the domain controller information without the rest of the information so that I can import that onto a new server.
0
 
LVL 30

Expert Comment

by:LauraEHunterMVP
ID: 22782529
Domain controllers cannot be imaged and "swapped" in the manner that you are describing, certainly not in a supported manner. Redundancy and failover in Active Directory is created by having multiple domain controllers online and replicating with one another at any given time.
0
NFR key for Veeam Backup for Microsoft Office 365

Veeam is happy to provide a free NFR license (for 1 year, up to 10 users). This license allows for the non‑production use of Veeam Backup for Microsoft Office 365 in your home lab without any feature limitations.

 
LVL 18

Expert Comment

by:exx1976
ID: 22783011
If I'm understanding the question correctly, all you need to do in order to "copy" the domain controller information is to build another server and DCPROMO it.  AD will handle the replication of account information/DNS and such..

??
0
 
LVL 1

Author Comment

by:SysAdminWVU
ID: 22783123
I will have to hold off on this temporarily I suppose and rephrase the question again tomorrow.

The problem we are facing is this: We have a couple dozen or so servers that we need to take down, wipe out, and reconfigure our own software on.

While this is being done, we'd like to be able to temporarily use a virtual machine on another system to manage the domain because our clients cannot afford the downtime. Once we are finished with what we need to do we would then re-export the DC from the VM to the actual server.
0
 
LVL 18

Expert Comment

by:exx1976
ID: 22783160
The problem with this question is your continual use of the terms "import" and "export"..   Those terms are quite generic.  We need to know precisely what it is you are trying to accomplish here...
0
 
LVL 1

Author Comment

by:SysAdminWVU
ID: 22786675
Okay, without using the words import and export.


We're trying to put the domain controller on a virtual machine hosted on a different system (without the non-DC related things like our software) then wipe that machine and rebuild it and repromote the server to DC.

This is different than system state.
0
 
LVL 18

Accepted Solution

by:
exx1976 earned 1500 total points
ID: 22786811
Now you've really got me...   System State?  Where does that enter in the equation?

Are you an admin or a developer?  I think there is a disconnect here in terms of the vocabulary that we are using to try to address this.


Unless I'm misunderstanding, however, you can just install Server 2003 as a VM, DCPROMO it, then DCPROMO your "development" domain controller (who ever heard of such a thing??) back down to a member server, wipe it, reinstall, then DCPROMO again, then DCPROMO the VM back to a member server and then shut it off...

0
 
LVL 1

Author Comment

by:SysAdminWVU
ID: 22787084
This isn't a development server, like I said in an earlier post we're having a problem with our own software that is causing problems with our databases. We have a fix for the issue but it requires us to rebuild the machine and we can't afford for our clients to be down during this time period.

The reason I mentioned system state is because the only way I've discovered of doing this online thus is by using system state.

I will give your method a try to see if it's really as simple as doing that. By DCPROMOing the VM server, you're saying it will automatically replicate all of the DC settings to the VM server and then back to the main server?
0
 
LVL 18

Expert Comment

by:exx1976
ID: 22787190
Well, I don't really know how to answer that, since the rest of the vocabulary in here has been vague at best.

How about tyou define DC settings for me so that I know EXACTLY what it is you are trying to replicate back and forth and then I can suggest the most appropriate course of action?
0
 
LVL 1

Author Comment

by:SysAdminWVU
ID: 22787924
The domain users, groups, permissions, passwords, AD structure, etc.

I simply don't want our software to be on there.
0
 
LVL 18

Expert Comment

by:exx1976
ID: 22788059
Yes.  DCPROMO will pull over all the users, password, groups, OUs, directory structure, Group Policies, computer accounts, etc.  All the info stored in AD will automatically replicate.  If you have DNS on the server you are trying to take down, you'll need to install DNS on the VM as well.  During the DCPROMO process, you'll see a little indicator telling you how many records have been copied to the new server.

Do not take down the old server until you are 100% certain that all replication has completed.  Depending on the size of your directory, your forest, and the speed of your network links, this could be as fast as 5 minutes, or as long as a day or so.


HTH,
exx
0

Featured Post

Are your AD admin tools letting you down?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A hard and fast method for reducing Active Directory Administrators members.
Microsoft Office 365 is a subscriptions based service which includes services like Exchange Online and Skype for business Online. These services integrate with Microsoft's online version of Active Directory called Azure Active Directory.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.
Suggested Courses

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question