Solved

How can I use VMWare Server to swap Domain Controllers without downtime?

Posted on 2008-10-22
12
386 Views
Last Modified: 2009-04-02
I realize what I'm about to ask is pretty difficult but I'm hoping somebody on this site will be able to help me out.

What I'm trying to do is this:

I'm trying to find a way to put VMWare Server with Server 2003 on a system, backup all of their domain information up onto that from the server it is hosted on, and them be able to export that to another server to swap in with minimal downtime.

I realize there are a lot of permission issues and what not with doing that but I'm confident that it is somehow possible. Does anybody on here have experience with doing this? If so, can you provide instructions as to how I can accomplish this?


Thanks in advance.
0
Comment
Question by:SysAdminWVU
12 Comments
 
LVL 5

Expert Comment

by:belowzerotech
ID: 22782098
I believe VMWare offers a program to image a current active server into a VMWare image that can be used in ESX or one of their other infrastructure programs called VMware converter. Might want to look into that.  
0
 
LVL 1

Author Comment

by:SysAdminWVU
ID: 22782143
I don't want to directly image the server. This is a hypothetical situation I'm working with for a solution at my company. If there is a problem with our software and database, I'd like to be able to export all the domain controller information without the rest of the information so that I can import that onto a new server.
0
 
LVL 30

Expert Comment

by:LauraEHunterMVP
ID: 22782529
Domain controllers cannot be imaged and "swapped" in the manner that you are describing, certainly not in a supported manner. Redundancy and failover in Active Directory is created by having multiple domain controllers online and replicating with one another at any given time.
0
 
LVL 18

Expert Comment

by:exx1976
ID: 22783011
If I'm understanding the question correctly, all you need to do in order to "copy" the domain controller information is to build another server and DCPROMO it.  AD will handle the replication of account information/DNS and such..

??
0
 
LVL 1

Author Comment

by:SysAdminWVU
ID: 22783123
I will have to hold off on this temporarily I suppose and rephrase the question again tomorrow.

The problem we are facing is this: We have a couple dozen or so servers that we need to take down, wipe out, and reconfigure our own software on.

While this is being done, we'd like to be able to temporarily use a virtual machine on another system to manage the domain because our clients cannot afford the downtime. Once we are finished with what we need to do we would then re-export the DC from the VM to the actual server.
0
 
LVL 18

Expert Comment

by:exx1976
ID: 22783160
The problem with this question is your continual use of the terms "import" and "export"..   Those terms are quite generic.  We need to know precisely what it is you are trying to accomplish here...
0
Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

 
LVL 1

Author Comment

by:SysAdminWVU
ID: 22786675
Okay, without using the words import and export.


We're trying to put the domain controller on a virtual machine hosted on a different system (without the non-DC related things like our software) then wipe that machine and rebuild it and repromote the server to DC.

This is different than system state.
0
 
LVL 18

Accepted Solution

by:
exx1976 earned 500 total points
ID: 22786811
Now you've really got me...   System State?  Where does that enter in the equation?

Are you an admin or a developer?  I think there is a disconnect here in terms of the vocabulary that we are using to try to address this.


Unless I'm misunderstanding, however, you can just install Server 2003 as a VM, DCPROMO it, then DCPROMO your "development" domain controller (who ever heard of such a thing??) back down to a member server, wipe it, reinstall, then DCPROMO again, then DCPROMO the VM back to a member server and then shut it off...

0
 
LVL 1

Author Comment

by:SysAdminWVU
ID: 22787084
This isn't a development server, like I said in an earlier post we're having a problem with our own software that is causing problems with our databases. We have a fix for the issue but it requires us to rebuild the machine and we can't afford for our clients to be down during this time period.

The reason I mentioned system state is because the only way I've discovered of doing this online thus is by using system state.

I will give your method a try to see if it's really as simple as doing that. By DCPROMOing the VM server, you're saying it will automatically replicate all of the DC settings to the VM server and then back to the main server?
0
 
LVL 18

Expert Comment

by:exx1976
ID: 22787190
Well, I don't really know how to answer that, since the rest of the vocabulary in here has been vague at best.

How about tyou define DC settings for me so that I know EXACTLY what it is you are trying to replicate back and forth and then I can suggest the most appropriate course of action?
0
 
LVL 1

Author Comment

by:SysAdminWVU
ID: 22787924
The domain users, groups, permissions, passwords, AD structure, etc.

I simply don't want our software to be on there.
0
 
LVL 18

Expert Comment

by:exx1976
ID: 22788059
Yes.  DCPROMO will pull over all the users, password, groups, OUs, directory structure, Group Policies, computer accounts, etc.  All the info stored in AD will automatically replicate.  If you have DNS on the server you are trying to take down, you'll need to install DNS on the VM as well.  During the DCPROMO process, you'll see a little indicator telling you how many records have been copied to the new server.

Do not take down the old server until you are 100% certain that all replication has completed.  Depending on the size of your directory, your forest, and the speed of your network links, this could be as fast as 5 minutes, or as long as a day or so.


HTH,
exx
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

HOW TO: Install and Configure VMware vSphere Hypervisor 6.5 (ESXi 6.5), Step by Step Tutorial with screenshots. From Download, Checking Media, to Completed Installation.
In this article, I am going to show you how to simulate a multi-site Lab environment on a single Hyper-V host. I use this method successfully in my own lab to simulate three fully routed global AD Sites on a Windows 10 Hyper-V host.
Teach the user how to install log collectors and how to configure ESXi 5.5 for remote logging Open console session and mount vCenter Server installer: Install vSphere Core Dump Collector: Install vSphere Syslog Collector: Open vSphere Client: Config…
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…

896 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now