Sharing of thoughts and information is what blogging is all about. This way we can learn from each other. Post A Comment!These postings are provided "AS IS" with no warranties, and confers no rights. You assume all risk for your use.
Anthony Bartolo Twitter | LinkedIn
Pierre Roman Twitter | LinkedIn
Last week I posted an article that highlighted the new features supporting the virtualization of Active Directory in Windows Server 2012. As promised in that article we will now look at the process of cloning a Domain Controller.
To follow along:
Scenarios that benefit from virtual domain controller cloning
The following requirements are imposed to successfully clone a Virtual Domain Controller:
Now that we have everything set. Let’s clone ourselves a DC….
We need to grant the source domain controller (ITCAMP-DC2) the permission to be cloned by adding it to the Cloneable Domain Controllers group using Active Directory Administrative Center or the following PowerShell command.
Here we need to run the Get-ADDCCloningExcludedApplicationList cmdlet on the ITCAMP-DC2 to identify any programs or services that are not evaluated for cloning. Review the output and ensure that you do not have any application, roles or Services that need to be removed. for example:
The following server roles are not supported for cloning:
You need to run the Get-ADDCCloningExcludedApplicationList cmdlet before the New-ADDCCloneConfigFile cmdlet because if the New-ADDCCloneConfigFile cmdlet detects an excluded application, it will not create a DCCloneConfig.xml file.
Next we must run New-ADDCCloneConfigFile on ITCamp-DC2 and optionally specify configuration settings for the clone domain controller, such as the name, the IP address, and DNS resolver.
To create a clone domain controller named ITCamp-Clone with dynamic IPv4 settings, type:
New-ADDCCloneConfigFile -CloneComputerName "ITCAMP-ClONE" –IPv4DNSResolver “192.168.11.100"
The output will confirm that all preliminary validation check passed and it will create the clone config file as seen in the screen shot below.
Next we’ll need to export ITCAMP-DC2 and then import it on our other Hyper-V host. This will creates a clone virtualized domain controller in your domain.
1- Shut down ITCAMP-DC2
2- Export it to a folder that the other Hyper-v (VMHOST10B) hosts has access to. In our case we will export it directly in a Export directory on the root of C: on VMHOST10A and then copy it to the Import directory on the root of C: on VMHOST10B.
3- On VMHOST10B, using Hyper-V Manager, import the virtual machine from the folder c:\Import\ITCAMP-DC2. Use the Copy the virtual machine (create new unique ID) option when importing the virtual machine. You can import and create multiple clones by importing it multiple times to different location.
4- On VMHOST10A , restart the source domain controller (ITCAMP-DC2) to bring it back online.
5- On VMHOST10B, start the virtual machine (ITCAMP-Clone) to bring it online as a clone domain controller in the domain.
The cloned domain controller will be a member of the Cloneable Domain Controllers group because it copies the membership from the source domain controller. As a best practice, you should leave the Cloneable Domain Controllers group empty until you are ready to perform cloning operations, and you should remove members after cloning operations are complete.
That’s it! cloning is complete. you can now use that cloned image as you see fit to address the scenarios we discussed in the introduction.
Try it out for yourselves.
Pierre Roman, MCITP, ITIL | Technology Evangelist
Twitter | Facebook | LinkedIn