Restore full virtual machine or individual guest files from 19 common file systems directly from the backup file. Schedule VM backups with PowerShell scripts. Set desired time, lean back and let the script to notify you via email upon completion.
COURSE of the MONTH
9 days, 7 hours left to enrollBecome a Premium Member and unlock a new, free course in leading technologies each month.
Solved
Best way to setup an active directory test environment in windows azure from 2008 r2 domain
Posted on 2014-12-10
Experts,
I set up a sandbox in windows azure with a new forest with 4 domains for the purposes of testing a migration plan. None of these domains exist in our live environment yet, so I just created several new 2008 r2 VM's and promoted them to domain controllers as I went.
I would also like to have a copy of our actual live single domain created on the same virtual network which is totally isolated from our live environment. This domain would be in it's own forest and then I would create trusts between it and the new forest I created and use the ADMT tool for testing.
Truth be told, I have never had to do a full restore of active directory before, and with the added challenge of this being through windows azure where I won't actually have access to the console, I am unsure how to proceed.
Suggestions?
I set up a sandbox in windows azure with a new forest with 4 domains for the purposes of testing a migration plan. None of these domains exist in our live environment yet, so I just created several new 2008 r2 VM's and promoted them to domain controllers as I went.
I would also like to have a copy of our actual live single domain created on the same virtual network which is totally isolated from our live environment. This domain would be in it's own forest and then I would create trusts between it and the new forest I created and use the ADMT tool for testing.
Truth be told, I have never had to do a full restore of active directory before, and with the added challenge of this being through windows azure where I won't actually have access to the console, I am unsure how to proceed.
Suggestions?
[X]
Welcome to Experts Exchange
Add your voice to the tech community where 5M+ people just like you are talking about what matters.
- Help others & share knowledge
- Earn cash & points
- Learn & ask questions
3-
2
5 Comments
Active today
In your scenario, azure doesn't really change things9 from a management perspective. You are working with VMs on hyper-V. Azure just means they sit on servers you don't own in a data center you don't directly control.
The restore process, however, is more problematic. Because you want full isolation, the easiest method of stretching your network into azure and adding a new DC is not available to you. Instead, I think the best path for you is to start with an isolated on-premises hyper-V network. Back up the love machines you want and then restore them to new hyper-V VMs (where you do have access to the console) and then you can either stretch the new isolated network to azure (so they are linked, but isolated from your live network) or upload the VHDs into azure where the VMs can then run directly in azure.
While the process isn't overly difficult, neither is it truly one-click restoring either. Unfortunately an easier path has not come to mind.
The restore process, however, is more problematic. Because you want full isolation, the easiest method of stretching your network into azure and adding a new DC is not available to you. Instead, I think the best path for you is to start with an isolated on-premises hyper-V network. Back up the love machines you want and then restore them to new hyper-V VMs (where you do have access to the console) and then you can either stretch the new isolated network to azure (so they are linked, but isolated from your live network) or upload the VHDs into azure where the VMs can then run directly in azure.
While the process isn't overly difficult, neither is it truly one-click restoring either. Unfortunately an easier path has not come to mind.
Firstly, I should note we are not using hyper-v at all on-premises but a mix of physical and vmware.
If I understand you correctly you are saying that I could use a backup/restore utilizing what, windows server backup on 2008? and then spin up a hyper-v VM on premises but isolated from the other DC's. From that point I would just shut down the VM and upload the VHD file to azure?
Any articles or step by steps for a hyper-v beginner?
If I understand you correctly you are saying that I could use a backup/restore utilizing what, windows server backup on 2008? and then spin up a hyper-v VM on premises but isolated from the other DC's. From that point I would just shut down the VM and upload the VHD file to azure?
Any articles or step by steps for a hyper-v beginner?
Active today
Windows server backup would definitely do the job, and does support backing up AD as part of the system state.
As far as finding an article, I am mobile at the moment so don't have my notes readily available nor search. But I know the azure team has written blog posts on uploading VHDs and custom images. A quick search should churn them up. I'll follow up tomorrow if I get some time and if you haven't found them yet.
As far as finding an article, I am mobile at the moment so don't have my notes readily available nor search. But I know the azure team has written blog posts on uploading VHDs and custom images. A quick search should churn them up. I'll follow up tomorrow if I get some time and if you haven't found them yet.
I have one other idea I thought I would run by you and the other experts. I already have a DC in azure that is in a virtual network which has site-to-site VPN with our physical network. If I were to create a new 2008 r2 VM in that virtual network, wait for replication to occur then shut the machine down, delete the vm using the "keep the attached disk" option, I could create a new VM in the isolated sandbox virtual network but use the image from the deleted VM.
Thoughts?
Thoughts?
Featured Post
Question has a verified solution.
If you are experiencing a similar issue, please ask a related question
A hard and fast method for reducing Active Directory Administrators members.
Had a business requirement to store the mobile number in an environmental variable. This is just a quick article on how this was done.
This tutorial will walk an individual through setting the global and backup job media overwrite and protection periods in Backup Exec 2012.
Log onto the Backup Exec Central Administration Server. Examine the services. If all or most of them are stop…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
Suggested Courses
Course of the Month9 days, 7 hours left to enroll
762 members asked questions and received personalized solutions in the past 7 days.
Join the community of 500,000 technology professionals and ask your questions.