I hope you are all well and can assist.
We have a single forest as follows:
Our goal is to create a test environment by snapshotting some of our domain controllers in each of our 2 domains in production, and use these snapshots to create this test AD.
So, the plan was to do the following:
1) In each domain:
test.net (snapshot 2 domain controllers here)
a.test.net (snapshot 2 domain controllers here)
For example purposes, lets say this prod environment is on vlan1, while the test environment is on vlan2
2) We go to the test vlan (2), register the snapshot files, and create vms from them to bring up the test environment.
So on this vlan2, we now have
Basically, a mirror of production on a separate vlan.
Systems on the production vlan need to be able to access the vlan2.
That means we have to enable access from vlan1 to vlan2.
But, as the domain controllers snapped have the same names on both vlans, my question is as follows:
How do you guys get around the situation where you want to have a test environment, which closely resembles production eg.same dc names etc, but where there are systems on the production network that need access to this test environment?
We have a PKI infrastructure, and this needs to be in the test environment also, and believe this is difficult to change the names.
Im looking for help on what you guys do to ensure that:
- there is no conflict between your test and prod environment when for example, it is difficult if not impossible, or unreaslistic to:
- expect to always isolate or move systems existing on your prod network that need access to your test, to be moved on to the test network.
We don't want to snapshot our production domain controllers and other critical systems, only then having to rename all these systems in the test vlan, every time we want to mirror production. If that is what you guys do, or have to do, Id love to know.
Any help greatly appreciated.
Thanks guys in advance.