Virtualized domain controllers can be cloned, though simply copying the VHD(x) is not supported. The cloning process must be followed to preserve domain and data integrity.
The following prerequisites need to be met.
- PDC emulator is Windows 2012 or above
- PDC emulator is online at time of cloning
- Cloned DC is Windows 2012 or above
- Virtualization host platform supports VM-Generation ID
Authorize the source domain controller for cloning
To be cloned, a domain controller must be a member of the Cloneable Domain Controllers security group. This is found in the ….. container of ADUC, or the PowerShell command below can be used.
Get-ADComputer <sourcedc> | Foreach-Object {Add-ADGroupMember -Identity "Cloneable Domain Controllers" -Members $_.SamAccountName }
Remove incompatible services or programs or add them to the CustomDCCloneAllowList.xml file
Run the Get-ADDCCloningExcludedApplicationList cmdlet to list any applications that will prevent cloning. Then uninstall those applications or, if they won't pose a problem to cloning, add them to the CustomDCCloneAllowList.xml file by running the following:
Get-ADDCCloningExcludedApplicationList -GenerateXML
A good rule of thumb is that if the services or applications identified above are Microsoft’s, such as DHCP, then they should be removed. Also, standalone MSAs are not supported and must be removed; gMSAs are supported.
Create DCCloneConfig.xml
A DCCloneConfig.xml file needs to be created using:
New-ADDCCloneConfig
With the following parameters:
- -CloneComputerName Specifies the clone DC computer name.
- -IPv4Address Specifies the static IPv4 address of the cloned computer.
- -IPv4SubnetMask Specifies the static IPv4 subnet mask of the cloned computer.
- -IPv4DefaultGateway Specifies the static IPv4 default gateway address of the cloned computer.
- -IPv4DNSResolver Specifies the static IPv4 DNS entries.
Take the source domain controller offline
Shut down the domain controller. To do this in PowerShell, run the Stop-Computer cmdlet.
Copy or export the source VM and add the XML if not already copied
Either copy the disks manually, without Hyper-V, or export the VM using Hyper-V.
Create a new virtual machine from the copy
Create a new VM and associate the copied disk to it or import the exported VM.
Start the new virtual machine to commence cloning
Ensure that the PDC emulator is online and start the virtual machine. PowerShell: Start-VM
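The source-side steps above (prerequisite check, authorization, excluded-application check, DCCloneConfig.xml, shutdown) chained into one script, as an added example that is not part of the original page. The clone name and addresses are constructed placeholders, and the -Static switch, which the page does not list, is what selects New-ADDCCloneConfig's static IPv4 parameter set.

```powershell
#Requires -Modules ActiveDirectory
# Added example: run elevated on the source DC. Names and addresses below
# are constructed placeholders (192.0.2.0/24 is a documentation range).
$ErrorActionPreference = 'Stop'
$CloneName = 'DC-CLONE01'
$Net = @{
    IPv4Address        = '192.0.2.20'
    IPv4SubnetMask     = '255.255.255.0'
    IPv4DefaultGateway = '192.0.2.1'
    IPv4DNSResolver    = '192.0.2.10'
}

# Prerequisite: the PDC emulator is online and runs Windows Server 2012 (6.2) or above.
# Pointing -Server at the PDC emulator makes the call fail if it is unreachable.
$pdcName = (Get-ADDomain).PDCEmulator
$pdc     = Get-ADDomainController -Identity $pdcName -Server $pdcName
$pdcVer  = [version](($pdc.OperatingSystemVersion -split ' ')[0])
if ($pdcVer -lt [version]'6.2') {
    throw "PDC emulator $pdcName runs $($pdc.OperatingSystem); cloning needs 2012 or above."
}

# Authorize this DC for cloning, showing who is already authorized first.
$group   = 'Cloneable Domain Controllers'
$self    = Get-ADComputer -Identity $env:COMPUTERNAME
$members = @(Get-ADGroupMember -Identity $group)
Write-Host "Current members of '$group': $($members.SamAccountName -join ', ')"
if ($members.SamAccountName -notcontains $self.SamAccountName) {
    Add-ADGroupMember -Identity $group -Members $self
}

# Stop if anything installed is on neither the default nor the custom allow list.
# Filtering on .Name ignores any plain status text the cmdlet may emit.
$blocked = @(Get-ADDCCloningExcludedApplicationList | Where-Object { $_.Name })
if ($blocked.Count -gt 0) {
    Write-Warning ($blocked | Out-String)
    throw 'Uninstall the items above, or allow-list them with -GenerateXml, then rerun.'
}

# Write DCCloneConfig.xml with the clone's static addressing.
New-ADDCCloneConfig -Static -CloneComputerName $CloneName @Net

# Take the source DC offline; -Confirm prompts before shutting down.
Stop-Computer -Confirm
```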