Establishing a seperate test environment

I am a network guy (Cisco) so I am a bit out of my comfort zone with this one.

My client is in the process of implementing Oracle IAM and want to establish a test environment and I have been assigned the responibility to design a possible solution.  They have previously tried to stage a test environment in the production environment but had a few mishaps doing this.  They now want to instead create a child domain or a completely seperate domain to do this. They want to do this because they require to write to the AD and to exchange servers to test, as well as checking IAM integration. Also they don't want the GL from the Test Exchange server users to be seen by production users.  I know there is an option to hide the users from exchange but there are hundreds of users so this will be too much work to get done and is not an option unfortunately.

the critaria:
AD in the test environment must be able to write to an AD in the production environment (but not affect the actual AD in the production environment). I do not think this is possible unless there is a tick-box to deny replication to other AD in the domain.

I am thinking that a completely seperate domain needs to be established. But then I am uncertain if this will affect the existing domain since they will be using the same network hardware (routers, switches, firewalls, internet connection...etc.)

The environment consists of mainly Windows Server 2008 and some Windows server 2003, Exchange 2010.

Any insight into how this can be done would be very helpful.
LVL 17
Marius GunnerudSenior Systems EngineerAsked:
Who is Participating?
You can do a P2V of your existing DC's and Exchange, and then power it up in vmWare ESX
vmware P2V Converter.

It's better to keep this out of your domain, on a standalone server grade hardware.

Check this kb on P2V'ing a DC

You can always setup a sub-domain and a test DC, but that wont be a true representation of your existing environment with your existing DC's.
With a P2V type test environment, you essentially have a replica of your production environment, and that is a close approximation of how the actual deployment might look like.

It's better to keep this out of your existing AD.

the adva
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.