Link to home
Start Free TrialLog in
Avatar of amoos
amoos

asked on

How to restore Active Directory to a different 2008 Server???

we are making a R&D network that will be completely like the production.  i have backed up the system state on a domain controller  to an external drive and i was wondering can i restore AD to a different 2008 server from my external drive.  i know i could in server 2003.

if i cannot then how can i get a full copy of my AD on this test network server which has the exact same IP as the primary so i cannot have it on my production network to make a replica
Avatar of Syed Mutahir Ali
Syed Mutahir Ali
Flag of United Kingdom of Great Britain and Northern Ireland image

Are you running your test environment virtualized ?

if YES , then you can use a tool from Microsoft "Disk2Vhd"

Which will convert your live / production dc to a VHD file and you can use that in virtualbox and hyper-v.

You can also use windows server backup to take a full backup of your server and restore it on your test hardware.

Restoring system state :
http://serverfault.com/questions/17624/what-is-a-system-state-backup-for

If it's a completely different hardware you might have problems so I would recommend either converting your production dc to virtual hard disk via disk2vhd or taking a full / baremetal backup via windows server backup and restoring it onto your test box.

http://technet.microsoft.com/en-us/sysinternals/ee656415.aspx

Hope this helps
Avatar of amoos
amoos

ASKER

it is not virtuallized, but the hardware is the same.  both servers are the same the only difference is that one has more space than the other.

can i restore AD on the other server from the flash drive i made the backup on?
Avatar of Sarang Tinguria
1)Please configure new Replica DC of existing domain
2)then migrate that DC to different network so there is no communication betweew existing DC's and new DC
3)Seize the roles on new DC (It should have no network connectivity with existing one)
4)Cleanup metadata of other DC's (on new DC)
5)Cleanup metadata of new DC (On existing Domain)


Note:- After you finish up the first step make sure there is no network connectivity between Production and new DC (Test DC)
Avatar of amoos

ASKER

so i cannot backup AD to a external drive and then on the other server run the wbadmin and restore AD?
Not gone through that process but have done above process multiple times
Avatar of amoos

ASKER

ok.  i have done it on server 2003 before and did not have an issue but i have never done it on server 2008 but i think the result would be the same.

what do you think the downsides would be?
Avatar of amoos

ASKER

how do you migrate a DC to a different network like you said?
Just change the IP address/subnet of the DC network card
Avatar of amoos

ASKER

so let me see if i get this right

1.  make the server a DC on the production domain
2. after replication run dcpromo to remove the server from the DC role
3. disconnect the network cable from the server
4.  change the ip of the server
5. restart the server

that is it?

if i remove the DC function from the server will AD still be there and functional so i can use it on my test network?
creating an additional dc is also a very good way

You will :

Install server 2008 on your test box
dcpromo it
let ad replication complete - all synced
you will then disconnect it from the production network
bring it into your test network
change the ip address
restart netlogon service
run ipconfig /flushdns
ipconfig /registerdns
nltest /dsregdns

Do a metadata cleanup of your production active directory if you don't want to bring this dc back again in your production environment :

Metadata cleanup : http://www.petri.co.il/delete_failed_dcs_from_ad.htm
http://technet.microsoft.com/en-us/library/cc816907(v=ws.10).aspx

Also, if you can completely isolate that network from your production network - you may not even  have to change the ip ; for e.g.  if you want to test an application with active directory you can simply plug that machine and your test dc onto a separate switch disconnected from everything.

Here is a similar scenario : http://social.technet.microsoft.com/Forums/en-AU/winserverDS/thread/b3e7c123-6f18-4029-9e08-19ba4df15d92
ASKER CERTIFIED SOLUTION
Avatar of amoos
amoos

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of amoos

ASKER

microsft showed me how to do it and clean up the metadata