Solved

Can I use a copy of a domain joined VHD on the domain?

Posted on 2012-03-23
34
898 Views
Last Modified: 2012-03-24
I have a production Hyper-V VM Windows Server 2003 R2 machine on my Server 2008 R2 domain. It is used solely as a Terminal Server, employees have user accounts on it and use Office 2007.

I want to test a few things to determine how Office 2010 will work in that environment. I made a copy of the VHD, which I would like to bring up in the domain. Then I want to try installing Office 2010 for a test user.

My question is, can I use that VHD by changing the static IP Address and Computer Name before connecting to the network? Will there be an Active Directory issue regarding the Computer Account? Thanks in advance!
0
Comment
Question by:ksoszka
  • 14
  • 12
  • 4
  • +2
34 Comments
 
LVL 9

Expert Comment

by:Geodash
ID: 37757435
Create the copy of the VM, boot it up offline by disabling the NIC or some other way. You will want to drop it from the domain and rename it then re-add it to the domain. This should generate a new SID. If it sees a new server, with a different name, with the same SID, AD will get confused. As long as you change the SID, which dropping it from the domain, renaming and re-adding should do, you should be fine.
0
 
LVL 118

Accepted Solution

by:
Andrew Hancock (VMware vExpert / EE MVE) earned 300 total points
ID: 37757467
I would recommend Sysprep-ing the Virtual Machine, before adding back to the domain, and then change it's IP address and Computer Name.

This is the recommended approach to "cloning" a computer.
0
 
LVL 57

Expert Comment

by:Mike Kline
ID: 37757486
You could run into a duplicate SID issue, you could sysprep your box, good blog here

http://blogs.msdn.com/b/jjameson/archive/2009/08/13/using-sysprep-ed-vhds-for-new-hyper-v-virtual-machines.aspx

Thanks

Mike
0
 
LVL 9

Expert Comment

by:Geodash
ID: 37757487
I agree with Sysprep, the only reason I didn't suggest it is I have seen it "break" things in the past.
0
 
LVL 37

Expert Comment

by:Neil Russell
ID: 37757488
You also need to consider the legal licence aspect. Do you have licencing for the additional 2003 terminal server?

I would discourage completely doing this with a server of any type. Better to have a completely seperate test environment that has copies of your DC's and the TS in it on a stand alone virtual network that is not connected to your physical network at all.
0
 
LVL 57

Expert Comment

by:Mike Kline
ID: 37757489
...took a few minutes too look for the link...not stepping on toes ;)
0
 

Author Comment

by:ksoszka
ID: 37757512
@geodash - Hi, sorry I am a little confused.. if I boot it up offline how can I drop it from the domain? Also, the original VHD is up and running live so I can't remove the account from the domain. Perhaps you mean to go through the steps of removing the copy VHD from the domain on the VHD itself only while the NIC is disabled? I guess that would remove the SID. Then, I would rename it, enable the NIC and join the domain as a different computer? Just want to be clear - thank you.

I typed all that before I saw of all of the sysprep suggestions. Will sysprep remove user accounts from the machine, etc? I need all of that. Also, I agree with doing this in a test environment, but I am not afforded the time to do so..

Thanks all
0
 
LVL 57

Expert Comment

by:Mike Kline
ID: 37757528
No sysprep won't remove any accounts from the machine, just ensures you have a different SID.

Thanks

Mike
0
 
LVL 9

Expert Comment

by:Geodash
ID: 37757540
When you say it is "Solely a Terminal Server", it is not running as a DC is it? You should be able to drop it from the domain and add it to a workgroup if it is "offline" meaning not on the network(disabling the NIC). The Domain Credentials should cache allowing you to do this.
0
 

Author Comment

by:ksoszka
ID: 37757575
No, it is not a DC or anything else at all. So, do you mean that I should not have to sysprep it?
0
 
LVL 118
ID: 37757588
I would recommend Sysprep, so you do not cause ANY issues with your production machine.

This is the recommended procedure for clone-ing machines in a  domain.
0
 
LVL 9

Expert Comment

by:Geodash
ID: 37757598
I agree with hanccocka in that "best practice" is to sysprep it, but I have seen sysprep break production machines. You want to test this production machine in a non-production environment so you want it to be as similar to the production environment as you can.

This is why I recommended taking the route I suggested because nothing should technically "break". If it was staying in production, I would definitely recommend sysprep'ing. But if you are just testing, I think its a "safer" route to take.

Just my opinion relating to what I have experienced in the past.
0
 

Author Comment

by:ksoszka
ID: 37757616
I have a copy of the copy saved, I am only concerned about messing up the original VHD that is running live. Is there any chance of that being affected if I do not sysprep?
0
 
LVL 9

Expert Comment

by:Geodash
ID: 37757629
Without changing the SID - yes.

Best practice to change the SID is sysprep, as hanccocka suggested.

Dropping from the domain, renaming, rebooting, then adding back to the domain does the same thing, minus all of the other stuff that sysprep does.

This is exactly what sysprep does -

http://technet.microsoft.com/en-us/library/cc766514%28v=ws.10%29.aspx
0
 
LVL 118
ID: 37757649
Hence, why I recommend Sysprep, to avoid any RISK of breaking your Live Production Server!
0
 

Author Comment

by:ksoszka
ID: 37757664
Ok, reading the sysprep stuff now - do I need any parameters?
0
 
LVL 9

Expert Comment

by:Geodash
ID: 37757677
If the only thing you want to do is change the name of the Server (which changes the SID) you should not need any.
0
 
LVL 118
ID: 37757685
Just type sysprep, in the run

double click sysprep

tick Generalize, Out of Box, Reboot

Wait....

Done
0
 

Author Comment

by:ksoszka
ID: 37757700
Ok, so in what order should I do the following:

Remove NIC from Hyper-V settings
Start a VM with the VHD copy
Change IP Address (how can I do that with no NIC?)
Rename computer
Run sysprep
Enable NIC
Join to domain
0
 
LVL 9

Assisted Solution

by:Geodash
Geodash earned 200 total points
ID: 37757716
You dont have to rename the Server, Sysprep will do it for you.

Remove the NIC
Boot up the VM
Run Sysprep
Enable NIC
Join Domain
0
 

Author Comment

by:ksoszka
ID: 37757726
Ok, will try it after lunch and come back with results. Thanks all - this sure beats Googling for hours and reading cryptic conflicting info from Microsoft!
0
 
LVL 9

Expert Comment

by:Geodash
ID: 37757730
Good Luck, let us know how it goes.
0
 

Author Comment

by:ksoszka
ID: 37758046
I have no Sysprep directory on the server. Do I need this:

http://www.microsoft.com/download/en/details.aspx?displaylang=en&id=14830
0
 
LVL 9

Expert Comment

by:Geodash
ID: 37758067
0
 
LVL 9

Expert Comment

by:Geodash
ID: 37758084
Actually, this is a great article explaining it exactly

http://jameskovacs.com/2008/10/15/how-to-sysprep-windows-server-2008/
0
 

Author Comment

by:ksoszka
ID: 37758087
The VHD is Server 2003 R2 SP2
0
 
LVL 9

Expert Comment

by:Geodash
ID: 37758096
Ohhhh sorry about that. Yes, you are on the correct link.
0
 

Author Comment

by:ksoszka
ID: 37758153
Ok, I will have to burn that to a CD cause I have no NIC...
0
 
LVL 9

Expert Comment

by:Geodash
ID: 37758162
or you can mount an ISO
0
 

Author Comment

by:ksoszka
ID: 37758355
Yes did the ISO - not sure what to choose - see attached screenshot, thanks!
sysprep1.jpg
0
 
LVL 9

Expert Comment

by:Geodash
ID: 37758428
just click reseal
0
 

Author Comment

by:ksoszka
ID: 37758447
Thanks - for anyone else uses this info, I found this and then clicked reseal:

http://blogs.technet.com/b/ronyyasmine/archive/2011/01/17/sysprep-windows-2003-r2.aspx

It is running now...
0
 

Author Comment

by:ksoszka
ID: 37759051
Ok, that all went great - the copy is now joined to the domain with a new IP and name, and working perfectly. I just ran the Office 2010 upgrade and will be doing my testing. I will figure out who's getting points ASAP - thank you all!!
0
 
LVL 9

Expert Comment

by:Geodash
ID: 37759162
Cheers, glad it is working.
0

Join & Write a Comment

Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
A procedure for exporting installed hotfix details of remote computers using powershell
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
How to install and configure Citrix XenApp 6.5 - Part 1. In this video tutorial we have explained step by step installation of Citrix XenApp 6.5 Server on Windows Server 2008 R2 is explained in this video. We have explained the difference between…

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now