duplicate DC for test enviornment

February 17, 2011 at 12:04:26
Specs: Windows 2008

So I'm needing to duplicate our DC for a test environment. I'm having an issue on deciding which way is the best way to remove the test DC from the production forest.

We currently have 2 DC in our forest. I was able to successfully add the test DC (third one) to our forest by using DCPROMO which added it to our production forest. It replicates fine.

My question now is: Do i run dcpromo to demote the test DC or should I just kill it off and clean up the meta-data on my production forest. I understand that i would need to seize the FMSO roles on the test DC to make it the master roles.

My concern with demoting the DC is that it will remove all the users, groups, setting's, GP. If i decide to demote it from production, i would have to run DCPROMO to make it a DC again, right? Will that erase all the information that was replicated from the production?

I think disconnecting the test DC from the production seems like it would work much better since the test DC is still technically active in a stand alone mode and I can then seize the roles. The only thing i would need to do is clean up the meta-data from the production and test DC.

Has anyone ever tested this out??


See More: duplicate DC for test enviornment

Report •

February 17, 2011 at 14:20:03
I would suggest you make it also a global catalog holder as well as dns server while you are at it.
Back it up including system state.

Dcpromo it down.

Put it on its own isolated network and do a restore from backup. Then seize the fsmo roles.

I would not mess up your metadata if I were you. Recovery is not always successful.

Answers are only as good as the information you provide.
How to properly post a question:
Sorry no tech support via PM's

Report •

February 28, 2011 at 07:29:11
Thanks for your help!

I also found this article that helped: http://www.pbbergs.com/windows/arti...

It is a little bit out dated but the commands still work. I ran into a little issue after i restored the test DC from system state. I was able to log onto the server with several different user names but every time i clicked on Active Directory and Sites add-in, it kept on giving me an error saying "Naming Information Cannot Be Located Because: The specified domain either does not exist or could not be contacted. Contact your system administrator to verify that your domain is properly configured and is currently online.

I also got this error messages: "The DNS server is waiting for Active Directory Domain Services (AD DS) to signal that the initial synchronization of the directory has been completed. The DNS server service cannot start until the initial synchronization is complete because critical DNS data might not yet be replicated onto this domain controller. If events in the AD DS event log indicate that there is a problem with DNS name resolution, consider adding the IP address of another DNS server for this domain to the DNS server list in the Internet Protocol properties of this computer. This event will be logged every two minutes until AD DS has signaled that the initial synchronization has successfully completed. "

I thought it was a DNS issue so i cleared all the DNS that pointed to the production DC's but that didn't fix it. So i decided to restore from system state back up again. I followed more closely to the steps from the website and i finally got it to work. I think the fix was step 29 in the article. The sysvol folder was not shared and i had to make the DC a File Replication Service Master. In the notes it says that when FRS starts, it enters a "seeding" state and then tries to locate a replica with which it can synchronize. Until FRS completes replication, it cannot share Sysvol and Netlogon - see KB 316790

Report •
Related Solutions

Ask Question