AD Test Environment

Experts,

My company was sold and we are migrating off their network to a new one.

I have created a new AD Forest (Win2008R2) in the same subnet and our servers and desktops have migrated successfully. This exists happily in the old subnet along with the old company's live AD domain we moved away from. With a little tweaking we have accounts and shares working pretty well. We now have to switch subnets away from them to a NAT one, 192.168.100.xxx. I'd like to test this move in advance.


I'd like to test in advance by moving a "disposable" DC that will be wiped after the test to a different physical network and use the NAT network. I'd bring over a couple "disposable" workstations and a "disposable" server. This will be using a different WAN connection and would be connected to the internet separately from the old network.

I took my "disposable" DC over to the NAT network but DNS and DHCP will not start. I assume because it doesn't see the GC, have the FSMO roles, or other needed pieces.

Is there an outline of steps I would want to perform to do this test, without taking down the two live DCs on the old subnet before I'm ready?


Thoughts?
bschatzmanAsked:
Who is Participating?

Improve company productivity with a Business Account.Sign Up

x
 
Will SzymkowskiConnect With a Mentor Senior Solution ArchitectCommented:
When you move a DC's (PDC or BDC) to a total isolated network/environment, you need to Seize the roles to this machine in question...

Seizing domain roles...
http://support.microsoft.com/kb/255504

Once you have done this you also need to do a metadata cleanup
http://www.msserverpro.com/metadata-cleanup-using-ntdsutil-in-windows-server-2008-r2/

Make sure that your SRV records do not associate with your other domain controllers from your production network. You can simply go do the following...
- open DNS manager
- expand domain.com
- expand _msdcs
- expand the folders and delete any entries for old DC's that are not in your "test" environment. You do this for all SRV locations Kerberos, LDAP, GC etc

Will.
0
 
SandeshdubeySenior Server EngineerCommented:
Ensure that correct dns setting is configured once the DC is moved to new network.
Best practices for DNS client settings on DC and domain members.
http://abhijitw.wordpress.com/2012/03/03/best-practices-for-dns-client-settings-on-domain-controller/

Once the IP address is changed reboot the server for registration to take place corretly.You need to seize the fsmo role once done.Check the AD sites and services are set correctly as per n/w subnet.Verify the health of DC by dcdiag /q .You also need to remove the instances of other live DC which are not move else replication failure will occur.
0
 
Ram BalachandranCommented:
i am trying to understand your question, but i think you might need to configure sites and services and for DHCP you might need to configure DHCP relay agent
0
 
bschatzmanAuthor Commented:
This was exactly what I needed to do, and it was a success. The links were great. I'll be shutting down the test network and doing the real migration tonight. Thanks!

Bob
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.