Cloning Active Directory Domain Controllers


A new feature in Server 2012 allows domain controllers to be cloned to allow easy domain controller provisioning. We will demonstrate the main steps required to achieve this using PowerShell.

You need to meet a few pre-requisites before actually cloning the domain controller:

  1. The PDC emulator FSMO role must be held on a Windows 2012 Domain Controller
  2. The server to be cloned must be running Windows Server 2012
  3. The Hypervisor must support DC cloning – (Hyper-V 3) (if the hypervisor is not supported for DC cloning, the DC will reboot into DSRM mode)
  4. You need to be a member of local administrators on the Hyper-V host
  5. To use the export / import feature on two different hyper-v servers make sure the virtual network switch is named the same
  6. You should not clone a VHD or restore a snapshot that is older than the tombstone lifetime value (or the deleted object lifetime value if Active Directory Recycle Bin is enabled). If you are copying a VHD of an existing domain controller, be sure the VHD file is not older that the tombstone lifetime value (by default, 60 days). You should not copy a VHD of a running domain controller to create clone media.

Follow these steps to clone your domain controller:

  1. Add the domain controller to be cloned to the Cloneable Domain Controllers Group

image

Add the computer to the group using powershell commandlet

Add-ADGroupMember –Identity “CN=Cloneable Domain Controllers,CN=Users,DC=Labchild,DC=labdomain,dc=com” –Member “DOMAIN CONTROLLER DN”

2. Check the PDC role is running on a 2012 domain controller

image

image

3. Check the list of excluded applications / applications which are not supported for DC Cloning

image

image

4. If any applications were found make sure you resolve these issue prior to cloning the applications then make the excluded application XML file

image

5. Create the clone config file

image

image

6. From the hyper-v host stop the virtual machine to be cloned, then delete any snapshots from the machine

clip_image001

clip_image002

7. Export the VM now to a folder

image

8. The VM can now be imported either on the same Hyper-V host or another

clip_image001[5]

clip_image002[5]

clip_image003

9. Start the new VM

clip_image001[7]

clip_image002[7]

clip_image003[5]

 

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: