So, after further discussion, we're not sure this path is the best moving forward for the immediate need.
The developer is currently using AD LDS, installed on his local PC, to do his testing with. He wants the Test Web server to be able to run the code, and do the LDAP query/push, and figuring out how to get the Test Web Server access to the cloned and isolated DC is very troublesome. So, we were starting to look at installing AD LDS on the Test web server, and allowing them to use that for their testing.

My concern is whether or not that LDS environment would have the ability to write back to the AD DS. I've just started doing some reading, but would like to hear from you guys on this, as well.

Thanks,
Joe

-----Original Message-----
From: [email protected] [mailto:[email protected]] On Behalf Of Michael Leone
Sent: Wednesday, September 13, 2017 6:21 AM
To: [email protected]
Subject: Re: [NTSysADM] Building a test domain

On Tue, Sep 12, 2017 at 5:31 PM, Heaton, Joseph@Wildlife <[email protected]> wrote:
> For a quick build of a test domain, completely separate from a
> production domain, would you take a vReplica of the production domain
> controller, then revive that in the test area? Sounds great, but I
> have huge trepidation about it.

I have done it this way. I took a clone of one of my DCs (it's a VM), set it on an ESXi server and configured it to use a specific vswitch, *not* configured to have any NICs assigned to it (so it was a private network, and completely isolated from the other vswitches). Be certain of that part ..

Then, on that cloned VM, I seized roles, deleted the other, missing DCs, changed its IP to be one on that private vswitch, created a "management" PC to talk to it.

It did work. I posted here about it, years ago. It was a lot of work. But yes, it does give you a replica of your current config (all same OUs, sites, etc).

