The most successful MSPs rely on metrics – known as key performance indicators (KPIs) – for making informed decisions that help their businesses thrive, rather than just survive. This eBook provides an overview of the most important KPIs used by top MSPs.
Requirement of creating a new Active Directory severs from an existing one
I have one AD-DNS server (Windows 2008 R2 based) running in my production system.This AD-DNS server is having 10 Nos of sites connected to it under one forest.The forest is having 1 no. of domain under it.
It is having more than 100 nos of group policies and more than 100 OUs configured in it and more than 300 users.
I require to set up a test platform of the same configuration.But, I do not require all the sites, all the OUs and all the users to be configured in the Test System.
The test AD-DNS server is required for only user authentication and client application running purpose.I am running client applications which authenticate through the domain accounts.
I like to know what bare minimum requirement should I have in the sample test AD-DNS server so that I can run my test platform. If I have to create a new AD-DNS (via DC promo), what steps should I follow to meet my requirement.
It is having more than 100 nos of group policies and more than 100 OUs configured in it and more than 300 users.
I require to set up a test platform of the same configuration.But, I do not require all the sites, all the OUs and all the users to be configured in the Test System.
The test AD-DNS server is required for only user authentication and client application running purpose.I am running client applications which authenticate through the domain accounts.
I like to know what bare minimum requirement should I have in the sample test AD-DNS server so that I can run my test platform. If I have to create a new AD-DNS (via DC promo), what steps should I follow to meet my requirement.
Who is Participating?
Experts Exchange Solution brought to you by
Enjoy your complimentary solution view.
Get every solution instantly with Premium.
Start your 7-day free trial.
I wear a lot of hats...
"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.
Experts Exchange Solution brought to you by
Your issues matter to us.
Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.
Start your 7-day free trial
I have one Active directory DNS server (Win server 2008 R2 based) and it is having one forest named abcd1234 and a domain pqrs.com under it. There are 7 RODC sites associated with the domain.There are > 100 GPOs and a lot of policies attached with GPOs.
There are almost 300 users defined in the AD.This is running in production environment in Network A.
Now I want to have a replica of the same in a separate identical server with a few GPOs and 15 users defined in it. I do not require any site for replication from it.This will be created in a totally isolated network named Network B. Network A does not have any relation in any with Network B.
What is the way to achieve this? There are 2 option. I can create and AD (with dc promo) or I can restore the backup of the existing running production system in a separate identical server.
In both the cases can you tell me what steps I need to follow. I require the steps only.Details of how to do I will search and find out.
There are almost 300 users defined in the AD.This is running in production environment in Network A.
Now I want to have a replica of the same in a separate identical server with a few GPOs and 15 users defined in it. I do not require any site for replication from it.This will be created in a totally isolated network named Network B. Network A does not have any relation in any with Network B.
What is the way to achieve this? There are 2 option. I can create and AD (with dc promo) or I can restore the backup of the existing running production system in a separate identical server.
In both the cases can you tell me what steps I need to follow. I require the steps only.Details of how to do I will search and find out.
The new domain option I've already outlined in my first post. It's just a few clicks and in my opinion it would be the simplest ans safest approach.
The second option - is any of your current domain controllers virtualized? If yes then simply clone it to new machine. Then connect to separate network sieze all FSMO roles to it and do a metadata cleanup to get rid of all domain controllers this one would not be able to contact. If your pdc is virtualized then you can clone it and then FSMO sieze will not be necessary. But metadata cleanup will still be necessary. Then you can do any AD related tasks on it. You'll have all accounts, gpo's already present.
But remember to never connect this clonned machine to production network.
The second option - is any of your current domain controllers virtualized? If yes then simply clone it to new machine. Then connect to separate network sieze all FSMO roles to it and do a metadata cleanup to get rid of all domain controllers this one would not be able to contact. If your pdc is virtualized then you can clone it and then FSMO sieze will not be necessary. But metadata cleanup will still be necessary. Then you can do any AD related tasks on it. You'll have all accounts, gpo's already present.
But remember to never connect this clonned machine to production network.
No, do NOT clone a domain controller. using normaly cloning routines. Microsoft have a new system to allow cloning, using the 'Clonable Domain Controllers' group and a DCCloneConfig.xml file. See the step by step instructions here:
https://blogs.technet.microsoft.com/askpfeplat/2012/10/01/virtual-domain-controller-cloning-in-windows-server-2012/
https://blogs.technet.microsoft.com/askpfeplat/2012/10/01/virtual-domain-controller-cloning-in-windows-server-2012/
I think clonning dc is ok as long as you assure it will never get connected to production network. Also this procedure is for 2012 dc or newer. Author mentioned he has 2008 r2 domain controller. But anyhow the simplest and safest method is to create separate active directory.
I like to know what bare minimum requirement should I have in the sample test AD-DNS server so that I can run my test platform.
No comment has been added to this question in more than 21 days, so it is now classified as abandoned.
I have recommended this question be closed as follows:
Split:
-- Dariusz Tyka (https:#a42348255)
-- Peter Hutchison (https:#a42348965)
-- Shaun Vermaak (https:#a42349043)
If you feel this question should be closed differently, post an objection and the moderators will review all objections and close it as they feel fit. If no one objects, this question will be closed automatically the way described above.
Pber
Experts-Exchange Cleanup Volunteer
I have recommended this question be closed as follows:
Split:
-- Dariusz Tyka (https:#a42348255)
-- Peter Hutchison (https:#a42348965)
-- Shaun Vermaak (https:#a42349043)
If you feel this question should be closed differently, post an objection and the moderators will review all objections and close it as they feel fit. If no one objects, this question will be closed automatically the way described above.
Pber
Experts-Exchange Cleanup Volunteer
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Active Directory
From novice to tech pro — start learning today.
-
Microsoft ApplicationsCertification: MCP MCSA Microsoft Certified Partner & Solutions Ass… 377 lessons
-
Business CommunicationCertification: PMI RMP Project Management Institute Risk Management… 113 lessons
-
Microsoft ApplicationsCertification: MCSE Microsoft Certified Systems Engineer - Securing… 324 lessons
-
Microsoft ApplicationsCertification: MOS Microsoft Office Specialist - Word 2013 Part … 120 lessons
Experts Exchange Solution brought to you by
Enjoy your complimentary solution view.
Get every solution instantly with Premium.
Start your 7-day free trial.
Would you like to run this domain in separate isolated environment or in the same network?