Create offline AD network for testing

[MarkMISGuy]

For testing purposes, I've setup an offline LAN. Our production LAN is working well with Active Directory, and I'd like to "copy" the working AD, complete with user accounts and original SID's, to my offline LAN. In addition, I'd like to keep these in synch every 2 weeks or so to keep up with changes that occur in user accounts.

Does anyone know of a process to do this? I've researched many of the Windows 200x forums, including MS, but have not found a procedure. Specific instructions and/or tools would be appreciated.


Mark

 

[ShackDaddy]

I don't know what you've looked at so far, but I think that if I wanted to do this, I'd use ADMT 2.0 (Active Directory Migration Tool) to copy all of your AD objects over to the test domain. To do this, you can't keep your domains completely isolated on a network level, since you will need connectivity between the domain controllers of each. You could set up a single server as a DC for the new forest in your existing LAN and that would probably be fine. I'd also make sure that your test domain doesn't have an identical naming scheme, otherwise the migration probably won't work.

If you want another way to do this, you could create a new DC in your existing domain and then move it into the off-line LAN. You'd then want to use Active Directory Sites and Services tool to make it a global catalog server and Active Directory Users and Computers to remove the other domain controllers from the "domain." You'll also want to make sure this system assumes all of the FSMO roles, using NTDSUTIL. *Don't let it rejoin the original LAN after these adjustments!*

The downside of this second solution is that you'll have an AD that starts off overwhelmed with loneliness and you'll have to massage it to get it to stop being preoccupied with the other missing DC's. In addition, there may not be a simple way of synchronizing the two domains every couple of weeks.

It would be best to try and work with the ADMT solution if you can.

Shackdaddy