Urgent Active Airectory Lab environment creation from Active Directory production environment


I need Step by step guide to build an Active directory test environment from our AD production environment.
The test environment will be a replicate from the production environment.
The IP address for the DCs in the test environment will be different.
The name of the AD Forest Test environment will also be different
The DC in the test environment will be virtual  machines running  2008 R2

In the production environment We  have a root domain and 3 child domain only
In the test environment We intend to  have a root domain and a child domain only
We have backup of our DC in production environment

How do i manage to export  GPO  and OU structure etc....

Thank you
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Will SzymkowskiSenior Solution ArchitectCommented:
If you are not building this from scratch and you want an exact replica of your production then you are going to have to P2V your DC's and then put them in a Vm envirnment where the network is COMPLETELY isolated from your production network. For this to work exactly like production and to mitigate USN Roll Back you will need to perform the P2V while the DC's (all of them) are offline.

If you do not do this while all of the DC's are offline you most likely will run into issues like USN Roll back or other replicaiton issues.

This is required if you want exactly what production has running.

Don S.Commented:
If you intend to change all what you indicated, you are going to have a lot of stuff that is broken.  I think a simpler way would be to simply setup a separate vlan that is not reachable from the production LAN and put everything there.  That way you can leave everything the same (addresses, name, etc.) and nothing will be broken.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Active Directory

From novice to tech pro — start learning today.