-----Original Message-----
From: STEVEN DANIELS [mailto:[EMAIL PROTECTED]]
Sent: Monday, October 28, 2002 3:19 PM
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir] Creating AD test enviornmentthanks everyone !
Confidentiality Notice: This e-mail message, including any attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message.
>>> [EMAIL PROTECTED] 10/28/02 01:16PM >>>I am SURE there is an easier way to do it – but we have done in the past is to GHOST one of our DC’s.
We set that box up in our lab - SEIZE FSMO ROLES – Use ADSIEDIT to remove the other DC’s and away we go.
-----Original Message-----
From: STEVEN DANIELS [mailto:[EMAIL PROTECTED]]
Sent: Monday, October 28, 2002 2:13 PM
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir] Creating AD test enviornment
Hi all,
We need to duplicate are current AD enviornment to a test enviornment. Can =
anyone give some tips or some links on the best way todo this. Thanks in =
advance !
Steve Daniels
Lawrence Memorial Hospital
Management Information Systems
[EMAIL PROTECTED]
785-840-3241
Confidentiality Notice: This e-mail message, including any attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message.
After have been
trough this myself in the last couple of weeks and spending a large amount of
hours on the phone with MS PSS, this is what my conclusion
is.
There are 2 ways to
build a AD test environment.
First
way:
-Do a system disk
and system state backup.
-Take a machine that
has the same hardware for your lab. (Vendor, raid controller, disks, NIC's,
video card, memory, firmware levels) If any of the components are not the same
it will take you a lot of hours to find out why it does not work and which
component is not working. Even with something as simple as the amount of
CPU's.
-Do a system disk
and system state restore according to MS Active Directory Disaster Recovery
document. (Authoritative restore, restore 2 times, one to org location, one to
alternate location, ntdsutil. Reboot, wait for sysvol share, copy sysvol data,
etc. etc. etc.
Lot of work (many
hours, but it can work, but like I said if it is not exactly the same
hardware forget it, only $245 with PSS will get it to work.
Second
way:
-Install the machine
that will run your AD in your lab as a DC in your production first. Let it sync
up everything and pull it of the wire. (30 minutes).
-Seize all the FSMO
roles.
-Clean
up the metadata Q216498 (delete all the servers that are no longer in the AD and
that will not be restored).
-Delete
the servers that you are not going to restore out of Sites and
Services.
-Reboot
-Run
DCDIAG / V >C:\output.txt Then search this file for any
errors
-Check
the eventlog for any errors.
I
always thought that the first way was the preferred way to do it, but after
talking to a AD guru at PSS, I learned that the preferred way is number two.
Basically what he said is that if you have more that 1 physical site in your
company, put a DC there for DR, if not, you better have identical HW available
when you need to do a DR, they cannot guarantee it will work on completely
different hardware.
Good
luck!
Fred
Fred van Donk
LVBrands
919
990-3532
[EMAIL PROTECTED]
