Discussion:
How can I clone a copy of active directory from a domain controller to a new installed windows 2003 ?
(too old to reply)
Tony Cheng
2005-06-28 11:48:32 UTC
Permalink
I have an existing active directory for my production environment. And now I
want to setup a development environment with the same setting as production
environment. I want to copy the active directory on production environment
and create a clone on development environment.

How can I achrieve this ? Backup and restore system data would be ok ? the
development environment is a fresh-installed windows 2003 .

Thx so much

Tony
Al Mulnick
2005-06-28 11:59:59 UTC
Permalink
That depends on your needs and your network setup.
You can use LDIFDE to clone accounts and groups and such. You could use
backup and restore to do this as long as the target is and will never see
the production network.
I'm personally a fan of using virtualization to introduce a new DC, shut it
down, and copy it to a separate isolated network where it can be cleaned up
and will exactly mirror the production environment. Then just turn the
virtual machine back on and it continues to work as advertised.

I prefer this method as it is an exact copy vs bits and piece. Backup and
restore work as well, although again, I prefer to restore to a virtual
environment for portability and ease of restoration. It's just that a lot of
the backup services out there would require my VM to be on the same network
as production and I'm not interested in that.


Al
Post by Tony Cheng
I have an existing active directory for my production environment. And now
I want to setup a development environment with the same setting as
production environment. I want to copy the active directory on production
environment and create a clone on development environment.
How can I achrieve this ? Backup and restore system data would be ok ? the
development environment is a fresh-installed windows 2003 .
Thx so much
Tony
Tony Cheng
2005-06-28 12:10:11 UTC
Permalink
Thx for your quick response.
I have searched Google and find that LDIFDE is a tool to export and import
Directory Objects. But does it mean that before using LDIFDE to import , I
have to setup an active directory first ?

On the other hands, "use backup and restore" means I backup the system data
on my production environment and then restore it on development environment
?
Post by Al Mulnick
That depends on your needs and your network setup.
You can use LDIFDE to clone accounts and groups and such. You could use
backup and restore to do this as long as the target is and will never see
the production network.
I'm personally a fan of using virtualization to introduce a new DC, shut
it down, and copy it to a separate isolated network where it can be
cleaned up and will exactly mirror the production environment. Then just
turn the virtual machine back on and it continues to work as advertised.
I prefer this method as it is an exact copy vs bits and piece. Backup and
restore work as well, although again, I prefer to restore to a virtual
environment for portability and ease of restoration. It's just that a lot
of the backup services out there would require my VM to be on the same
network as production and I'm not interested in that.
Al
Post by Tony Cheng
I have an existing active directory for my production environment. And now
I want to setup a development environment with the same setting as
production environment. I want to copy the active directory on production
environment and create a clone on development environment.
How can I achrieve this ? Backup and restore system data would be ok ?
the development environment is a fresh-installed windows 2003 .
Thx so much
Tony
Al Mulnick
2005-06-28 13:01:12 UTC
Permalink
You are correct on both accounts. However, keep in mind that LDIFDE doesn't
bring all components over. For example, GPO settings would come across via
LDIFDE but instead you would have to use GPMC or scripts.

Backup and restore /should/ be a part of your normal process anyway (and
therefore easy to use), but for development it's sometimes more work than
using the virtualization technology. Depends on frequency and local custom I
suppose.

Al
Post by Tony Cheng
Thx for your quick response.
I have searched Google and find that LDIFDE is a tool to export and import
Directory Objects. But does it mean that before using LDIFDE to import , I
have to setup an active directory first ?
On the other hands, "use backup and restore" means I backup the system
data on my production environment and then restore it on development
environment ?
Post by Al Mulnick
That depends on your needs and your network setup.
You can use LDIFDE to clone accounts and groups and such. You could use
backup and restore to do this as long as the target is and will never see
the production network.
I'm personally a fan of using virtualization to introduce a new DC, shut
it down, and copy it to a separate isolated network where it can be
cleaned up and will exactly mirror the production environment. Then just
turn the virtual machine back on and it continues to work as advertised.
I prefer this method as it is an exact copy vs bits and piece. Backup
and restore work as well, although again, I prefer to restore to a
virtual environment for portability and ease of restoration. It's just
that a lot of the backup services out there would require my VM to be on
the same network as production and I'm not interested in that.
Al
Post by Tony Cheng
I have an existing active directory for my production environment. And
now I want to setup a development environment with the same setting as
production environment. I want to copy the active directory on production
environment and create a clone on development environment.
How can I achrieve this ? Backup and restore system data would be ok ?
the development environment is a fresh-installed windows 2003 .
Thx so much
Tony
Tony Cheng
2005-06-28 14:12:50 UTC
Permalink
thanks for your help
Post by Al Mulnick
You are correct on both accounts. However, keep in mind that LDIFDE
doesn't bring all components over. For example, GPO settings would come
across via LDIFDE but instead you would have to use GPMC or scripts.
Backup and restore /should/ be a part of your normal process anyway (and
therefore easy to use), but for development it's sometimes more work than
using the virtualization technology. Depends on frequency and local custom
I suppose.
Al
Post by Tony Cheng
Thx for your quick response.
I have searched Google and find that LDIFDE is a tool to export and
import Directory Objects. But does it mean that before using LDIFDE to
import , I have to setup an active directory first ?
On the other hands, "use backup and restore" means I backup the system
data on my production environment and then restore it on development
environment ?
Post by Al Mulnick
That depends on your needs and your network setup.
You can use LDIFDE to clone accounts and groups and such. You could use
backup and restore to do this as long as the target is and will never
see the production network.
I'm personally a fan of using virtualization to introduce a new DC, shut
it down, and copy it to a separate isolated network where it can be
cleaned up and will exactly mirror the production environment. Then just
turn the virtual machine back on and it continues to work as advertised.
I prefer this method as it is an exact copy vs bits and piece. Backup
and restore work as well, although again, I prefer to restore to a
virtual environment for portability and ease of restoration. It's just
that a lot of the backup services out there would require my VM to be on
the same network as production and I'm not interested in that.
Al
Post by Tony Cheng
I have an existing active directory for my production environment. And
now I want to setup a development environment with the same setting as
production environment. I want to copy the active directory on
production environment and create a clone on development environment.
How can I achrieve this ? Backup and restore system data would be ok ?
the development environment is a fresh-installed windows 2003 .
Thx so much
Tony
Paul Bergson
2005-06-28 13:05:02 UTC
Permalink
We just dcpromo another server in our environment, make it a dns server as
well. Make a backup of it, demote it, move it to our test lab and do a
restore. Just make sure to never allow this machine talk to your production
environment again.
--
Paul Bergson MCT, MCSE, MCSA, CNE, CNA, CCA

This posting is provided "AS IS" with no warranties, and confers no rights.
Post by Tony Cheng
I have an existing active directory for my production environment. And now
I want to setup a development environment with the same setting as
production environment. I want to copy the active directory on production
environment and create a clone on development environment.
How can I achrieve this ? Backup and restore system data would be ok ? the
development environment is a fresh-installed windows 2003 .
Thx so much
Tony
Tony Cheng
2005-06-28 14:12:54 UTC
Permalink
thanks for your help
Post by Paul Bergson
We just dcpromo another server in our environment, make it a dns server as
well. Make a backup of it, demote it, move it to our test lab and do a
restore. Just make sure to never allow this machine talk to your
production environment again.
--
Paul Bergson MCT, MCSE, MCSA, CNE, CNA, CCA
This posting is provided "AS IS" with no warranties, and confers no rights.
Post by Tony Cheng
I have an existing active directory for my production environment. And now
I want to setup a development environment with the same setting as
production environment. I want to copy the active directory on production
environment and create a clone on development environment.
How can I achrieve this ? Backup and restore system data would be ok ?
the development environment is a fresh-installed windows 2003 .
Thx so much
Tony
Loading...