Veeam is happy to provide a free NFR license for one year. It allows for the non‑production use and valid for five workstations and two servers. Veeam Agent for Linux is a simple backup tool for your Linux installations, both on‑premises and in the public cloud.
Solved
Best way to setup an active directory test environment in windows azure from 2008 r2 domain
Posted on 2014-12-10
Experts,
I set up a sandbox in windows azure with a new forest with 4 domains for the purposes of testing a migration plan. None of these domains exist in our live environment yet, so I just created several new 2008 r2 VM's and promoted them to domain controllers as I went.
I would also like to have a copy of our actual live single domain created on the same virtual network which is totally isolated from our live environment. This domain would be in it's own forest and then I would create trusts between it and the new forest I created and use the ADMT tool for testing.
Truth be told, I have never had to do a full restore of active directory before, and with the added challenge of this being through windows azure where I won't actually have access to the console, I am unsure how to proceed.
Suggestions?
I set up a sandbox in windows azure with a new forest with 4 domains for the purposes of testing a migration plan. None of these domains exist in our live environment yet, so I just created several new 2008 r2 VM's and promoted them to domain controllers as I went.
I would also like to have a copy of our actual live single domain created on the same virtual network which is totally isolated from our live environment. This domain would be in it's own forest and then I would create trusts between it and the new forest I created and use the ADMT tool for testing.
Truth be told, I have never had to do a full restore of active directory before, and with the added challenge of this being through windows azure where I won't actually have access to the console, I am unsure how to proceed.
Suggestions?
[X]
Welcome to Experts Exchange
Add your voice to the tech community where 5M+ people just like you are talking about what matters.
- Help others & share knowledge
- Earn cash & points
- Learn & ask questions
3-
2
5 Comments
Active today
In your scenario, azure doesn't really change things9 from a management perspective. You are working with VMs on hyper-V. Azure just means they sit on servers you don't own in a data center you don't directly control.
The restore process, however, is more problematic. Because you want full isolation, the easiest method of stretching your network into azure and adding a new DC is not available to you. Instead, I think the best path for you is to start with an isolated on-premises hyper-V network. Back up the love machines you want and then restore them to new hyper-V VMs (where you do have access to the console) and then you can either stretch the new isolated network to azure (so they are linked, but isolated from your live network) or upload the VHDs into azure where the VMs can then run directly in azure.
While the process isn't overly difficult, neither is it truly one-click restoring either. Unfortunately an easier path has not come to mind.
The restore process, however, is more problematic. Because you want full isolation, the easiest method of stretching your network into azure and adding a new DC is not available to you. Instead, I think the best path for you is to start with an isolated on-premises hyper-V network. Back up the love machines you want and then restore them to new hyper-V VMs (where you do have access to the console) and then you can either stretch the new isolated network to azure (so they are linked, but isolated from your live network) or upload the VHDs into azure where the VMs can then run directly in azure.
While the process isn't overly difficult, neither is it truly one-click restoring either. Unfortunately an easier path has not come to mind.
Firstly, I should note we are not using hyper-v at all on-premises but a mix of physical and vmware.
If I understand you correctly you are saying that I could use a backup/restore utilizing what, windows server backup on 2008? and then spin up a hyper-v VM on premises but isolated from the other DC's. From that point I would just shut down the VM and upload the VHD file to azure?
Any articles or step by steps for a hyper-v beginner?
If I understand you correctly you are saying that I could use a backup/restore utilizing what, windows server backup on 2008? and then spin up a hyper-v VM on premises but isolated from the other DC's. From that point I would just shut down the VM and upload the VHD file to azure?
Any articles or step by steps for a hyper-v beginner?
Active today
Windows server backup would definitely do the job, and does support backing up AD as part of the system state.
As far as finding an article, I am mobile at the moment so don't have my notes readily available nor search. But I know the azure team has written blog posts on uploading VHDs and custom images. A quick search should churn them up. I'll follow up tomorrow if I get some time and if you haven't found them yet.
As far as finding an article, I am mobile at the moment so don't have my notes readily available nor search. But I know the azure team has written blog posts on uploading VHDs and custom images. A quick search should churn them up. I'll follow up tomorrow if I get some time and if you haven't found them yet.
I have one other idea I thought I would run by you and the other experts. I already have a DC in azure that is in a virtual network which has site-to-site VPN with our physical network. If I were to create a new 2008 r2 VM in that virtual network, wait for replication to occur then shut the machine down, delete the vm using the "keep the attached disk" option, I could create a new VM in the isolated sandbox virtual network but use the image from the deleted VM.
Thoughts?
Thoughts?
Featured Post
Question has a verified solution.
If you are experiencing a similar issue, please ask a related question
For anyone that has accidentally used newSID with Server 2008 R2 (like I did) and hasn't been able to get the server running again because you were unlucky (as I was) and had no backups - I was able to get things working by doing a Registry Hive rec…
This article provides a convenient collection of links to Microsoft provided Security Patches for operating systems that have reached their End of Life support cycle. Included operating systems covered by this article are Windows XP, Windows Server…
- Ransomware
- Experts Exchange
- Windows XP
- Windows OS
- Windows Server 2008
- Windows Server 2003, Security
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
This video shows how to use Hyena, from SystemTools Software, to update 100 user accounts from an external text file. View in 1080p for best video quality.
Suggested Courses
Course of the Month15 days, left to enroll
649 members asked questions and received personalized solutions in the past 7 days.
Join the community of 500,000 technology professionals and ask your questions.