Can I use a copy of a domain joined VHD on the domain?

I have a production Hyper-V VM Windows Server 2003 R2 machine on my Server 2008 R2 domain. It is used solely as a Terminal Server, employees have user accounts on it and use Office 2007.

I want to test a few things to determine how Office 2010 will work in that environment. I made a copy of the VHD, which I would like to bring up in the domain. Then I want to try installing Office 2010 for a test user.

My question is, can I use that VHD by changing the static IP Address and Computer Name before connecting to the network? Will there be an Active Directory issue regarding the Computer Account? Thanks in advance!
ksoszkaAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

GeodashCommented:
Create the copy of the VM, boot it up offline by disabling the NIC or some other way. You will want to drop it from the domain and rename it then re-add it to the domain. This should generate a new SID. If it sees a new server, with a different name, with the same SID, AD will get confused. As long as you change the SID, which dropping it from the domain, renaming and re-adding should do, you should be fine.
0
Andrew Hancock (VMware vExpert / EE MVE^2)VMware and Virtualization ConsultantCommented:
I would recommend Sysprep-ing the Virtual Machine, before adding back to the domain, and then change it's IP address and Computer Name.

This is the recommended approach to "cloning" a computer.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Mike KlineCommented:
You could run into a duplicate SID issue, you could sysprep your box, good blog here

http://blogs.msdn.com/b/jjameson/archive/2009/08/13/using-sysprep-ed-vhds-for-new-hyper-v-virtual-machines.aspx

Thanks

Mike
0
Acronis True Image 2019 just released!

Create a reliable backup. Make sure you always have dependable copies of your data so you can restore your entire system or individual files.

GeodashCommented:
I agree with Sysprep, the only reason I didn't suggest it is I have seen it "break" things in the past.
0
Neil RussellTechnical Development LeadCommented:
You also need to consider the legal licence aspect. Do you have licencing for the additional 2003 terminal server?

I would discourage completely doing this with a server of any type. Better to have a completely seperate test environment that has copies of your DC's and the TS in it on a stand alone virtual network that is not connected to your physical network at all.
0
Mike KlineCommented:
...took a few minutes too look for the link...not stepping on toes ;)
0
ksoszkaAuthor Commented:
@geodash - Hi, sorry I am a little confused.. if I boot it up offline how can I drop it from the domain? Also, the original VHD is up and running live so I can't remove the account from the domain. Perhaps you mean to go through the steps of removing the copy VHD from the domain on the VHD itself only while the NIC is disabled? I guess that would remove the SID. Then, I would rename it, enable the NIC and join the domain as a different computer? Just want to be clear - thank you.

I typed all that before I saw of all of the sysprep suggestions. Will sysprep remove user accounts from the machine, etc? I need all of that. Also, I agree with doing this in a test environment, but I am not afforded the time to do so..

Thanks all
0
Mike KlineCommented:
No sysprep won't remove any accounts from the machine, just ensures you have a different SID.

Thanks

Mike
0
GeodashCommented:
When you say it is "Solely a Terminal Server", it is not running as a DC is it? You should be able to drop it from the domain and add it to a workgroup if it is "offline" meaning not on the network(disabling the NIC). The Domain Credentials should cache allowing you to do this.
0
ksoszkaAuthor Commented:
No, it is not a DC or anything else at all. So, do you mean that I should not have to sysprep it?
0
Andrew Hancock (VMware vExpert / EE MVE^2)VMware and Virtualization ConsultantCommented:
I would recommend Sysprep, so you do not cause ANY issues with your production machine.

This is the recommended procedure for clone-ing machines in a  domain.
0
GeodashCommented:
I agree with hanccocka in that "best practice" is to sysprep it, but I have seen sysprep break production machines. You want to test this production machine in a non-production environment so you want it to be as similar to the production environment as you can.

This is why I recommended taking the route I suggested because nothing should technically "break". If it was staying in production, I would definitely recommend sysprep'ing. But if you are just testing, I think its a "safer" route to take.

Just my opinion relating to what I have experienced in the past.
0
ksoszkaAuthor Commented:
I have a copy of the copy saved, I am only concerned about messing up the original VHD that is running live. Is there any chance of that being affected if I do not sysprep?
0
GeodashCommented:
Without changing the SID - yes.

Best practice to change the SID is sysprep, as hanccocka suggested.

Dropping from the domain, renaming, rebooting, then adding back to the domain does the same thing, minus all of the other stuff that sysprep does.

This is exactly what sysprep does -

http://technet.microsoft.com/en-us/library/cc766514%28v=ws.10%29.aspx
0
Andrew Hancock (VMware vExpert / EE MVE^2)VMware and Virtualization ConsultantCommented:
Hence, why I recommend Sysprep, to avoid any RISK of breaking your Live Production Server!
0
ksoszkaAuthor Commented:
Ok, reading the sysprep stuff now - do I need any parameters?
0
GeodashCommented:
If the only thing you want to do is change the name of the Server (which changes the SID) you should not need any.
0
Andrew Hancock (VMware vExpert / EE MVE^2)VMware and Virtualization ConsultantCommented:
Just type sysprep, in the run

double click sysprep

tick Generalize, Out of Box, Reboot

Wait....

Done
0
ksoszkaAuthor Commented:
Ok, so in what order should I do the following:

Remove NIC from Hyper-V settings
Start a VM with the VHD copy
Change IP Address (how can I do that with no NIC?)
Rename computer
Run sysprep
Enable NIC
Join to domain
0
GeodashCommented:
You dont have to rename the Server, Sysprep will do it for you.

Remove the NIC
Boot up the VM
Run Sysprep
Enable NIC
Join Domain
0
ksoszkaAuthor Commented:
Ok, will try it after lunch and come back with results. Thanks all - this sure beats Googling for hours and reading cryptic conflicting info from Microsoft!
0
GeodashCommented:
Good Luck, let us know how it goes.
0
ksoszkaAuthor Commented:
I have no Sysprep directory on the server. Do I need this:

http://www.microsoft.com/download/en/details.aspx?displaylang=en&id=14830
0
GeodashCommented:
Actually, this is a great article explaining it exactly

http://jameskovacs.com/2008/10/15/how-to-sysprep-windows-server-2008/
0
ksoszkaAuthor Commented:
The VHD is Server 2003 R2 SP2
0
GeodashCommented:
Ohhhh sorry about that. Yes, you are on the correct link.
0
ksoszkaAuthor Commented:
Ok, I will have to burn that to a CD cause I have no NIC...
0
GeodashCommented:
or you can mount an ISO
0
ksoszkaAuthor Commented:
Yes did the ISO - not sure what to choose - see attached screenshot, thanks!
sysprep1.jpg
0
GeodashCommented:
just click reseal
0
ksoszkaAuthor Commented:
Thanks - for anyone else uses this info, I found this and then clicked reseal:

http://blogs.technet.com/b/ronyyasmine/archive/2011/01/17/sysprep-windows-2003-r2.aspx

It is running now...
0
ksoszkaAuthor Commented:
Ok, that all went great - the copy is now joined to the domain with a new IP and name, and working perfectly. I just ran the Office 2010 upgrade and will be doing my testing. I will figure out who's getting points ASAP - thank you all!!
0
GeodashCommented:
Cheers, glad it is working.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows Server 2008

From novice to tech pro — start learning today.