Windows 2003 Support

  • Subscribe to our RSS feed.
  • Twitter
  • StumbleUpon
  • Reddit
  • Facebook
  • Digg

Wednesday, 2 January 2013

Steps to create a Clone of Domain Controller in Windows 2012

Posted on 02:21 by Unknown


1) Make sure your hypervisor generates VM-Generation-ID. 

2) Make sure your PDC FSMO runs on Windows 2012. 

  •            BTW you cannot clone your PDF FSMO. 

3) Prepare 

  •  %Windows%\NTDS\DCCloneConfig.xml
  •  %Windows%\NTDS\CustomDCCloneAllowList.xml
    • Remove any services from your DC that cannot be cloned. 
    • PS C:> Get ADDCCloningExcludedApplicationList
4) Give Permissions in AD to Computer Object "Allow a DC to create a Clone of itself" (on Domain Object)

5) Shutdown your DC and remove any snapshots. 

6) Copy .vhd create new VM using copied .vhd. 


When it comes to Virtualizing your Domain Controller you need to understand the pitfalls of it, in case you are not following the above given steps. You might be inquisitive to know what happens say when we take a snapshot of a DC or say we clone a DC in Virtualized environments which doesn't support VM-Generation-ID and or the environment has Non Windows 2012 Active Directory Domain Controllers. 

Below are the three things which are going to help you understand why Snapshot or cloning of a  DC is not a good idea when VM-Generation-ID aware virtualization platform is not used along with Windows 2012 DCs. 

1) First understand what role is played by USN in AD replications. 
2) Watch the excellent demo on "Active Directory Virtualization safeguards and Cloning with Windows Server 2012". 
3) Then you must read this article which has some great details around Domain Controller Virtualization in HyperV environment. With a bit more of extra work you may be able to adapt this to VMWARE or Citrix virtualization platforms. 
Read More
Posted in Clone Windows 2012 DC, Cloning Domain Controller Windows 2012 Active Directory, steps to clone Windows 2012 DC | No comments
Newer Posts Older Posts Home
Subscribe to: Posts (Atom)

Popular Posts

  • Active Directory Inside Out 10 Hrs of CBT
    TechNet Webcast: Active Directory Fundamentals—Level 200 Event Overview Do you want to get a better understanding of the basic concep...
  • What are Preliminary AD DS Installation Steps and what all commands are available to upgrade the Forest schema to accept Windows server 2008?
    For new Forest: . Strong password. . Correct Network settings. . Latest Security updates. For Existing Forest: . Extend Schema using adprep...
  • How are Fine grained password Policies are stored in Windows server 2008? What are different objects associated with it?
    To store fine-grained password policies, Windows Server 2008 includes two new object classes in the Active Directory Domain Services schema:...
  • What is Well known Security principal?
    Well-Known Security Principals The term well-known security principal refers to fixed accounts that are somewhat like users or groups. Howev...
  • What is access token and how it is used?
    Access Tokens An access token describes the security context of a process. When the process tries to perform various operations in the compu...
  • Steps to create a Clone of Domain Controller in Windows 2012
    1) Make sure your hypervisor generates VM-Generation-ID.  2) Make sure your PDC FSMO runs on Windows 2012.             BTW you cannot clon...
  • How is Kerberos used while accessing file share on the network? What is the background processing involved in it?
    When user is already logged onto a domain and wants to access a resource located on a server within the same domain, a network logon process...
  • What are the new features in Windows 2012 Active Directory
    All the new features of Windows 2012 Active Directory are given below. You can use Active Directory Domain Services (AD DS) in Windows Serve...
  • What are the improvements introduced in AD Directory Domain Service Installation wizard?
    Active Directory Domain Services Installation Wizard New Wizard Page Description Additional optio...
  • How do we login in domain and what happens in the background at time of logon
    How does authentication and authoriztion happens in active directory? Everything starts when User presses Ctrl+Alt+Del and User chooses to l...

Categories

  • Active Directory Recycle bin
  • AD replication
  • Advance audit policy settings
  • Advance Audit policy settings in Windows 2008 and Windows 7.
  • Advanced Audit policy settings
  • Burflags registry Key
  • Clone Windows 2012 DC
  • Cloning Domain Controller Windows 2012 Active Directory
  • D2
  • D4
  • DCPROMO
  • domain functional levels
  • Forest functional levels
  • Group Policy preference
  • Group policy preferences in Windows 2008
  • how to rebuild sysvol
  • Journal Wrap
  • Managed service accounts in Windows 2008 R2
  • Metadata cleanup
  • NTLM Blocker
  • NTLM Blocker in Windows 2008
  • Recycle bin and Active Directory
  • Recycle Bin GUI in windows 2012
  • Recycle Bin in Windows 2008 R2
  • Recycle Bin in Windows 2012
  • Rolling back forest functional level of Windows 2008.
  • steps to clone Windows 2012 DC
  • Troubleshooting Journal Wrap
  • Upgrade Windows 2003 domain Controller to Windows 2012 Domain Controller
  • Upgrade Windows 2003 Server to windows 2012 Server
  • Upgrading domain functional level
  • upgrading forest functional level
  • USN rollback
  • Windows 2003 AD upgrade to Windows 2012 AD

Blog Archive

  • ▼  2013 (1)
    • ▼  January (1)
      • Steps to create a Clone of Domain Controller in Wi...
  • ►  2012 (6)
    • ►  August (1)
    • ►  February (5)
  • ►  2011 (3)
    • ►  March (3)
  • ►  2009 (2)
    • ►  November (1)
    • ►  August (1)
  • ►  2008 (1)
    • ►  May (1)
  • ►  2007 (28)
    • ►  November (2)
    • ►  October (2)
    • ►  September (24)
Powered by Blogger.

About Me

Unknown
View my complete profile