Tony said:
Hi I am working a project where I need to duplicate my production network in
a test enviroment. production is a Win 2000 Domain running in mixed mode with
Exchange 2000 and 20003 servers. Can someone point me in the right direction
of the best way to copy all user, computer,and group objects into the new
test domain which is also running Windows 2000 in mixed mode. Currently have
about 16000 objects in AD.
Any help is greatly appreciated,
Tony Davis
We just went through this very thing. Since there is a great lack of
documentation on this subject we promoted a domain controller in our
production AD, then took it off the prod network and plugged it into a
separate physical lab network. That gave us what we wanted (replica AD) but
left us with two unclean and possibly unstable ADs.
From there we used 'ntdsutil' and cleaned up the metadata on the production
network. In the lab, it was a bit more dicey. We first had to sieze all the
FSMO roles to the lone DC in the lab, then we proceeded to do metadata
cleanup on the rest of the "dead" domain controllers, removing all the
sites, site links - leaving the one site and site link for the lab DC of
course.
Eventually we got a working copy of our AD in a test lab, but it took a lot
of messing around to get AD happy again. Netdiag, dcdiag, and ntdsutil
proved (again) to be invaluable tools. The event veiwer was also suprisingly
descriptive as well.
We had also tossed around the idea of doing system state restores, but we
couldn't get the same hardware in the lab as we did in the lab and we felt
that would make things even more difficult.
As far as possibly keeping them somewhat synch'ed - I have no idea and that
is a challenge for us. So if anyone on the list has any ideas on how to
synch two unlike directories together it would be appreciated.
HTH,
AJ Schroeder
