|By Keith Mayer||
|August 17, 2012 07:15 AM EDT||
When virtualizing Active Directory Domain Controllers in the past, we've needed to be very careful that we don't invoke any steps, such as applying an old snapshot, that could possibly cause USN rollback to occur in the state of a Domain Controller's replica of the AD database and risk AD corruption. Beginning with Windows Server 2012, we've incorporated a new VM-Generation-ID unique identifier as an additional attribute of a Domain Controller's AD computer object as well as the VM container that is running the virtualized DC instance. When a virtualized DC starts up, Windows Server 2012 checks for a match between the VM-Generation-ID recorded on the VM instance and the VM-Generation-ID recorded on the DC's computer object in AD. If there's a mismatch, Windows Server knows that a possible virtualization snapshot or imaging event has occurred and it dumps the current RID pool and USN for fresh information to protect the state of AD.
NOTE: The VM-Generation-ID attribute must be supported by the underlying Hypervisor being using to virtualize a Domain Controller instance for the scenarios in this article to be functional. VM-Generation-ID support is included with Hyper-V v3 in Windows Server 2012, and we're also working with VMware and Citrix to help them provide this support in future versions of their Hypervisors.
CAUTION: Improperly cloning domain controllers in a production environment can result in issues that are difficult to resolve. I recommend that you test the below steps in an isolated lab environment to make sure that you are comfortable with the process and expected results before attempting to perform these steps in a production environment.
This is pretty cool stuff to protect our Active Directories, but how does this tie into Cloning a Domain Controller?
When attempting to clone a virtualized Domain Controller, the same mismatch in VM-Generation-ID described above will occur. We can use this as an opportunity to supply additional instructions to the new cloned copy of a Windows Server 2012 DC so that, when it first starts up, it configures itself as an additional Domain Controller in the same Active Directory forest and domain, rather than merely starting up as a raw copy of the original DC.
Why would I want to Clone a Domain Controller?
In large Active Directories, the process of adding a replica domain controller via DCPromo or Server Manager can take a considerably long period of time, due to the need for replicating the entire AD domain database (DIT) to the new Domain Controller. The newly introduced safe cloning process in Windows Server 2012 can speed this process dramatically when using virtualized Domain Controllers by allowing an IT Pro to safely clone an already replicated Domain Controller to a new virtualized instance. This can save provisioning time as well as save a great deal of time when recovering from certain disaster scenarios.
Important! Note that you cannot clone the Domain Controller that is running the Primary Domain Controller (PDC) FSMO role - As a best practice, I recommend setting up your first two Domain Controllers as you would normally do for any AD installation and distribute your FSMO roles between them. Then, setup a third virtualized Domain Controller with no FSMO roles that you will use as the source DC for the cloning process.
Cool! How do I Clone a Domain Controller with Windows Server 2012?
- Ensure that you are using a Hypervisor that supports the new VM-Generation-ID functionality, as described in my note above.
- Authorize the original source Domain Controller to be used as the source for cloning by adding it's computer object into the new "Cloneable Domain Controllers" Active Directory group
- Confirm clone compatibility with the services running on the original source Domain Controller by running the following PowerShell commmand:
Review the list of returned services and installed programs with your software vendors to determine if any of these software components will be affected by a change in computer name or computer SID. You must remove incompatible software from the original source DC prior to cloning, or the process will fail. For the remaining software, if it is compatible with the cloning process, run the following PowerShell command to update the compatible list of programs to include this additional software:
- Configure the original source Domain Controller with the instructions for configuring the new clone DC by running the below PowerShell command. This command will record these settings in a file named DCCloneConfig.xml in the NTDS DIT folder ( C:\Windows\NTDS, by default ). You can find a sample of this file located on your original source Windows Server 2012 domain controller at C:\Windows\System32\SampleDCCloneConfig.xml.
-Static -IPv4Address "IP_Address_of_New_DC"
For example, the command syntax for the configuration of a new DC named "VirtualDC2" in AD Site "ADSite01" with an IP address of "10.0.1.2" might look like:
-Static -IPv4Address "10.0.1.2"
- Shutdown the virtual machine of the original source Domain Controller to prepare it for cloning. On Hyper-V v3, you can use the following PowerShell command to perform this task:
Stop-VM -Name "VirtualDC1" - ComputerName "HyperV1"
- Export the virtual machine of the original source Domain Controller to a folder. On Hyper-V v3, you can use the following PowerShell command to perform this task:
Export-VM -Name "VirtualDC1" - ComputerName "HyperV1" -Path "D:\VMExport"
- Copy the folder contents to a new Hyper-V host server where you will import the D:\VMExport folder to a new cloned VM. Using your file copy tool of choice - I recommend ROBOCOPY which is included with Windows Server 2012.
- Import the VM on the new Hyper-V host and create a new VM-Generation-ID for the newly cloned VM copy:
$vm = Import-VM -Path "D:\VMExport\VirtualDC1\Virtual Machines" -Copy -GenerateNewId
NOTE: If Importing the VM to the same Hyper-V host as the original source Domain Controller or importing the same exported VM multiple times, you'll also need to specify new unique folder locations for each imported VM using the following command-line switches on the Import-VM command:
- Rename the newly cloned copy of the VM
Rename-VM -VM $vm -New-Name "VirtualDC2"
- Delete any VM snapshots that may have been present in the original source VM prior to exporting
Get-VMSnapshot -VMName "VirtualDC2" | Remove-VMSnapshot -IncludeAllChildSnapshots
- Start your original source Domain Controller VM and your newly cloned Domain Controller VM. As part of the initial startup process, your newly cloned Domain Controller VM will process the instructions recorded in the DCCloneConfig.xml file to configure itself with a new computername and new IP Address information.
Want to Learn More About Windows Server 2012?
Join the Windows Server 2012 "Early Experts" Challenge at http://aka.ms/earlyexpert to learn more about Windows Server 2012 and begin preparing for the new Windows Server 2012 certification exams.
The buzz continues for cloud, data analytics and the Internet of Things (IoT) and their collective impact across all industries. But a new conversation is emerging - how do companies use industry disruption and technology enablers to lead in markets undergoing change, uncertainty and ambiguity? Organizations of all sizes need to evolve and transform, often under massive pressure, as industry lines blur and merge and traditional business models are assaulted and turned upside down. In this new data-driven world, marketplaces reign supreme while interoperability, APIs and applications deliver un...
Oct. 8, 2015 05:30 PM EDT Reads: 221
The Internet of Things (IoT) is growing rapidly by extending current technologies, products and networks. By 2020, Cisco estimates there will be 50 billion connected devices. Gartner has forecast revenues of over $300 billion, just to IoT suppliers. Now is the time to figure out how you’ll make money – not just create innovative products. With hundreds of new products and companies jumping into the IoT fray every month, there’s no shortage of innovation. Despite this, McKinsey/VisionMobile data shows "less than 10 percent of IoT developers are making enough to support a reasonably sized team....
Oct. 8, 2015 05:30 PM EDT Reads: 139
Mobile messaging has been a popular communication channel for more than 20 years. Finnish engineer Matti Makkonen invented the idea for SMS (Short Message Service) in 1984, making his vision a reality on December 3, 1992 by sending the first message ("Happy Christmas") from a PC to a cell phone. Since then, the technology has evolved immensely, from both a technology standpoint, and in our everyday uses for it. Originally used for person-to-person (P2P) communication, i.e., Sally sends a text message to Betty – mobile messaging now offers tremendous value to businesses for customer and empl...
Oct. 8, 2015 05:30 PM EDT Reads: 222
There are so many tools and techniques for data analytics that even for a data scientist the choices, possible systems, and even the types of data can be daunting. In his session at @ThingsExpo, Chris Harrold, Global CTO for Big Data Solutions for EMC Corporation, will show how to perform a simple, but meaningful analysis of social sentiment data using freely available tools that take only minutes to download and install. Participants will get the download information, scripts, and complete end-to-end walkthrough of the analysis from start to finish. Participants will also be given the pract...
Oct. 8, 2015 05:15 PM EDT Reads: 240
Today’s connected world is moving from devices towards things, what this means is that by using increasingly low cost sensors embedded in devices we can create many new use cases. These span across use cases in cities, vehicles, home, offices, factories, retail environments, worksites, health, logistics, and health. These use cases rely on ubiquitous connectivity and generate massive amounts of data at scale. These technologies enable new business opportunities, ways to optimize and automate, along with new ways to engage with users.
Oct. 8, 2015 05:15 PM EDT Reads: 117
The IoT market is on track to hit $7.1 trillion in 2020. The reality is that only a handful of companies are ready for this massive demand. There are a lot of barriers, paint points, traps, and hidden roadblocks. How can we deal with these issues and challenges? The paradigm has changed. Old-style ad-hoc trial-and-error ways will certainly lead you to the dead end. What is mandatory is an overarching and adaptive approach to effectively handle the rapid changes and exponential growth.
Oct. 8, 2015 05:00 PM EDT
Can call centers hang up the phones for good? Intuitive Solutions did. WebRTC enabled this contact center provider to eliminate antiquated telephony and desktop phone infrastructure with a pure web-based solution, allowing them to expand beyond brick-and-mortar confines to a home-based agent model. It also ensured scalability and better service for customers, including MUY! Companies, one of the country's largest franchise restaurant companies with 232 Pizza Hut locations. This is one example of WebRTC adoption today, but the potential is limitless when powered by IoT.
Oct. 8, 2015 04:30 PM EDT Reads: 7,462
You have your devices and your data, but what about the rest of your Internet of Things story? Two popular classes of technologies that nicely handle the Big Data analytics for Internet of Things are Apache Hadoop and NoSQL. Hadoop is designed for parallelizing analytical work across many servers and is ideal for the massive data volumes you create with IoT devices. NoSQL databases such as Apache HBase are ideal for storing and retrieving IoT data as “time series data.”
Oct. 8, 2015 02:45 PM EDT Reads: 491
Clearly the way forward is to move to cloud be it bare metal, VMs or containers. One aspect of the current public clouds that is slowing this cloud migration is cloud lock-in. Every cloud vendor is trying to make it very difficult to move out once a customer has chosen their cloud. In his session at 17th Cloud Expo, Naveen Nimmu, CEO of Clouber, Inc., will advocate that making the inter-cloud migration as simple as changing airlines would help the entire industry to quickly adopt the cloud without worrying about any lock-in fears. In fact by having standard APIs for IaaS would help PaaS expl...
Oct. 8, 2015 02:30 PM EDT Reads: 642
NHK, Japan Broadcasting, will feature the upcoming @ThingsExpo Silicon Valley in a special 'Internet of Things' and smart technology documentary that will be filmed on the expo floor between November 3 to 5, 2015, in Santa Clara. NHK is the sole public TV network in Japan equivalent to the BBC in the UK and the largest in Asia with many award-winning science and technology programs. Japanese TV is producing a documentary about IoT and Smart technology and will be covering @ThingsExpo Silicon Valley. The program, to be aired during the peak viewership season of the year, will have a major impac...
Oct. 8, 2015 01:00 PM EDT Reads: 254
SYS-CON Events announced today that ProfitBricks, the provider of painless cloud infrastructure, will exhibit at SYS-CON's 17th International Cloud Expo®, which will take place on November 3–5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. ProfitBricks is the IaaS provider that offers a painless cloud experience for all IT users, with no learning curve. ProfitBricks boasts flexible cloud servers and networking, an integrated Data Center Designer tool for visual control over the cloud and the best price/performance value available. ProfitBricks was named one of the coolest Clo...
Oct. 8, 2015 01:00 PM EDT Reads: 757
Organizations already struggle with the simple collection of data resulting from the proliferation of IoT, lacking the right infrastructure to manage it. They can't only rely on the cloud to collect and utilize this data because many applications still require dedicated infrastructure for security, redundancy, performance, etc. In his session at 17th Cloud Expo, Emil Sayegh, CEO of Codero Hosting, will discuss how in order to resolve the inherent issues, companies need to combine dedicated and cloud solutions through hybrid hosting – a sustainable solution for the data required to manage I...
Oct. 8, 2015 01:00 PM EDT Reads: 471
Apps and devices shouldn't stop working when there's limited or no network connectivity. Learn how to bring data stored in a cloud database to the edge of the network (and back again) whenever an Internet connection is available. In his session at 17th Cloud Expo, Bradley Holt, Developer Advocate at IBM Cloud Data Services, will demonstrate techniques for replicating cloud databases with devices in order to build offline-first mobile or Internet of Things (IoT) apps that can provide a better, faster user experience, both offline and online. The focus of this talk will be on IBM Cloudant, Apa...
Oct. 8, 2015 12:45 PM EDT Reads: 505
WebRTC is about the data channel as much as about video and audio conferencing. However, basically all commercial WebRTC applications have been built with a focus on audio and video. The handling of “data” has been limited to text chat and file download – all other data sharing seems to end with screensharing. What is holding back a more intensive use of peer-to-peer data? In her session at @ThingsExpo, Dr Silvia Pfeiffer, WebRTC Applications Team Lead at National ICT Australia, will look at different existing uses of peer-to-peer data sharing and how it can become useful in a live session to...
Oct. 8, 2015 12:00 PM EDT Reads: 602
As a company adopts a DevOps approach to software development, what are key things that both the Dev and Ops side of the business must keep in mind to ensure effective continuous delivery? In his session at DevOps Summit, Mark Hydar, Head of DevOps, Ericsson TV Platforms, will share best practices and provide helpful tips for Ops teams to adopt an open line of communication with the development side of the house to ensure success between the two sides.
Oct. 8, 2015 12:00 PM EDT Reads: 573
SYS-CON Events announced today that IBM Cloud Data Services has been named “Bronze Sponsor” of SYS-CON's 17th Cloud Expo, which will take place on November 3–5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. IBM Cloud Data Services offers a portfolio of integrated, best-of-breed cloud data services for developers focused on mobile computing and analytics use cases.
Oct. 8, 2015 11:00 AM EDT Reads: 724
"Matrix is an ambitious open standard and implementation that's set up to break down the fragmentation problems that exist in IP messaging and VoIP communication," explained John Woolf, Technical Evangelist at Matrix, in this SYS-CON.tv interview at @ThingsExpo, held Nov 4–6, 2014, at the Santa Clara Convention Center in Santa Clara, CA.
Oct. 8, 2015 07:00 AM EDT Reads: 5,865
WebRTC has had a real tough three or four years, and so have those working with it. Only a few short years ago, the development world were excited about WebRTC and proclaiming how awesome it was. You might have played with the technology a couple of years ago, only to find the extra infrastructure requirements were painful to implement and poorly documented. This probably left a bitter taste in your mouth, especially when things went wrong.
Oct. 8, 2015 06:00 AM EDT Reads: 756
Nowadays, a large number of sensors and devices are connected to the network. Leading-edge IoT technologies integrate various types of sensor data to create a new value for several business decision scenarios. The transparent cloud is a model of a new IoT emergence service platform. Many service providers store and access various types of sensor data in order to create and find out new business values by integrating such data.
Oct. 8, 2015 04:00 AM EDT Reads: 540
The broad selection of hardware, the rapid evolution of operating systems and the time-to-market for mobile apps has been so rapid that new challenges for developers and engineers arise every day. Security, testing, hosting, and other metrics have to be considered through the process. In his session at Big Data Expo, Walter Maguire, Chief Field Technologist, HP Big Data Group, at Hewlett-Packard, will discuss the challenges faced by developers and a composite Big Data applications builder, focusing on how to help solve the problems that developers are continuously battling.
Oct. 8, 2015 04:00 AM EDT Reads: 485