Q

Duplicating Windows 2000 domain as Windows 2003 test environment

We would like to duplicate our Windows 2000 domain into Windows 2003. What is the best way to approach this?

We have a Windows 2000 domain in place with Exchange 2000. We would like to duplicate this domain into Windows 2003 including all the mailboxes in a test environment. We have about 20,000 OUs and account combine. What is the best way to approach this?
There are at least a couple of options.
You could do a backup and a restore
If you have the same hardware in the test domain and the test network is isolated from the production network, you can just restore the system from a backup. Everything will be there and you will be ready to go. It's good to practice an AD restore once in a while. Once it is restored, you can upgrade the systems to Windows 2003. After the upgrade you would likely want to elevate the domain function to Windows 2003 Native. You would of course, do a backup and restore of the Exchange server as well.
You could build the test servers in production and move them to the lab.
You would build your Windows 2000 server and promote it to being a DC in the production directory. Then, you could power it off and move it to the lab. In this way you have a copy of the AD in the lab that matches production at some point in time. You will need to perform some specific steps to clean up residual issues with this type of operation. First, you will need to clean the production AD of any remnants of the AD server you moved to the lab. You are cleaning an orphaned object from the AD. Otherwise the remaining domain controllers will get caught up into trying to replicate to a server that is not there. This is a manual process but is well documented: http://support.microsoft.com/kb/216498

In the test lab you will need to seize all of the FSMO roles for the directory. Remember the test network and the production network CANNOT be connected to one another. You can do a similar operation with Exchange. You can see though that in any complex type of environment, this becomes complex. If you are only testing AD and not Exchange this isn't a bad way to go. Option 1 is still best.
Recreate Domain objects
You can build your Windows 2003 system and use LDIFDE.exe to export and import the objects. While this will roughly reproduce the objects you are not likely to get an environment that is truly in line with the production.

Paul Hinsberg

Additional Expert Help:
Be sure to check our Answer FAQ for more expert advice.
For faster answers, visit ITKnowledge Exchange.

This was first published in December 2004

Dig deeper on Microsoft Active Directory Replication

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchServerVirtualization

SearchCloudComputing

SearchExchange

SearchSQLServer

SearchWinIT

SearchEnterpriseDesktop

SearchVirtualDesktop

Close