The first thing to do before cloning the server is to add the source domain controller (the one we are going to prepare for cloning) to the Cloneable Domain Controllers security group in Active Directory. If you don’t do it, the PowerShell command that creates the configuration file for cloning will fail.
Open Active Directory Users and Computers, go to the Users container and open the Cloneable Domain Controllers security group. On the Members tab click the Add button and in the object box type the name of the domain controller used for cloning. Before you click OK, make sure the Computers object is selected under Object Types.
Now let’s prepare the domain controller for cloning. Open a PowerShell window and import the Active Directory module.
Import-Module ActiveDirectory
The next step in cloning a virtual domain controller is to run the Get-ADDCCloningExcludedApplicationList command. This will present a list of applications or services that are installed on the source VM and are not evaluated for cloning. If such an application is found, you will get an output similar to the one in the picture below. Review the list and make sure that no software components are affected by a change in computer name or SID. If any are, contact the software vendors or remove the software from the domain controller prior to cloning, or the process will fail.
If you know that the listed applications are safe for cloning, you can add them to an inclusion list (CustomDCCloneAllowList.xml) by using the -GenerateXml option with the same cmdlet. If you don’t change the path for the .xml file, it will be created by default in C:\Windows\NTDS. Adding the -Force parameter will overwrite any file by that name found at that path.
Get-ADDCCloningExcludedApplicationList -GenerateXml -Force
By opening that path after issuing the command you can see the .xml file.
The last cmdlet that we are going to issue will create the configuration file for the new domain controller. This configuration file will hold the new name for the domain controller, IP address, gateway, etc.
New-ADDCCloneConfigFile -CloneComputerName "Server-DC3" -SiteName "Default-First-Site-Name" -Static -IPv4Address "192.168.50.202" -IPv4SubnetMask "255.255.255.0" -IPv4DefaultGateway "192.168.50.254" -IPv4DNSResolver "192.168.50.200"
Of course, you will need to replace the information between the quotes with your own.
By default the configuration file is also saved in C:\Windows\NTDS.
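The preparation steps above can be verified in one pass before the source VM is shut down. The following pre-flight script is an added example, not part of the original post; the variable names are hypothetical, it assumes the default C:\Windows\NTDS path mentioned above, and DCCloneConfig.xml is the file name that New-ADDCCloneConfigFile writes.

```powershell
# Added example (not from the original post): run on the source DC before shutting it down.
Import-Module ActiveDirectory

$ntdsPath = 'C:\Windows\NTDS'                 # default location named in the article (assumption)
$group    = 'Cloneable Domain Controllers'
$problems = @()

# 1. The source DC's computer account has to be a member of the security group.
$self    = Get-ADComputer -Identity $env:COMPUTERNAME
$members = @(Get-ADGroupMember -Identity $group)
if ($members.DistinguishedName -notcontains $self.DistinguishedName) {
    $problems += "$($self.Name) is not a member of '$group'."
}
# Print the full membership so accounts left over from earlier cloning runs are visible.
$members | Select-Object Name, objectClass | Format-Table -AutoSize | Out-Host

# 2. Re-run the exclusion check; anything still reported needs review before cloning.
Get-ADDCCloningExcludedApplicationList | Out-Host

# 3. The clone configuration file must exist and be well-formed XML.
$configFile = Join-Path $ntdsPath 'DCCloneConfig.xml'
if (Test-Path $configFile) {
    try {
        [xml](Get-Content $configFile -Raw) | Out-Null
        # Show the contents so the clone name and IP settings can be checked by eye.
        Get-Content $configFile | Out-Host
    } catch {
        $problems += "$configFile is not well-formed XML."
    }
} else {
    $problems += "$configFile was not found; run New-ADDCCloneConfigFile first."
}

# 4. Report whether a custom inclusion list is present (only needed if step 2 listed anything).
$allowList = Join-Path $ntdsPath 'CustomDCCloneAllowList.xml'
Write-Host "Custom allow list present: $(Test-Path $allowList)"

if ($problems.Count -gt 0) {
    $problems | ForEach-Object { Write-Warning $_ }
    throw 'Source domain controller is not ready for cloning.'
}
Write-Host 'Pre-flight checks passed.'
```

The membership listing in step 1 is worth reading even when the check passes, because the group controls which domain controllers are allowed to be cloned.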
Shut down the domain controller and export the VM by either using the PowerShell cmdlet or the Hyper-V Manager.
Export-VM -Name "Server-DC2" -ComputerName "Server-HyperV" -Path "D:\DCClone"
You need to delete any snapshots the machine may have before importing.
Specify the path where the exported VM is located and click Next.
If you have multiple VMs exported in the specified path, select the correct one from the list and continue the wizard.
A new ID has to be generated or the VM will not know that it was cloned and you will have the same name and IP address for the domain controller.
When cloning VMs using System Center Virtual Machine Manager or VMware vCenter, the ID is automatically generated for you.
If you don’t like the default path, type a different one where the VM files and the virtual disk will be stored.
On the Summary screen click Finish to start importing the VM.
You will need to rename the VM after it was imported. Right-click it and choose Rename.
All we have to do now is power on the cloned domain controller and let the script do its job.
You can take a look in AD Sites and Services and in the Domain Controllers container in AD to see if it is there.
As you can see, the IP settings are the ones I configured when I issued the New-ADDCCloneConfigFile command. Job done.