Cloning Virtual Domain Controller

In Windows Server 2012, Microsoft has optimized the use of virtual domain controllers. In contrast to previous versions, snapshots and cloned domain controllers no longer pose a risk to the entire Active Directory. To virtualize and also clone your domain controllers optimally, at least the following conditions must be met:

* The PDC emulator must be on a domain controller with Windows
  Server 2012. You cannot clone the PDC emulator; it must always
  be available during the cloning process.
* The domain must already have at least two domain controllers with
  Windows Server 2012 because you can only clone the second. The
  first one provides the PDC emulator.
* The virtualization solution must support this new technology (VM
  generation ID). Currently, this is only Hyper-V in Windows Server 2012.

To find out whether your virtualization solution supports the new VM generation ID, open Device Manager on a virtualized server running Windows Server 2012. Under System devices, there must be a Microsoft Hyper-V Generation Counter device that uses the vmgencounter.sys driver file. Before you clone a virtual domain controller, you need to run this cmdlet on the server:

Get-ADDCCloningExcludedApplicationList

This cmdlet checks whether there are applications on the virtual server that do not support cloning. If the cmdlet discovers incompatible services, for example, the DHCP service or an antivirus scanner, a message tells you so.

The configuration for cloning is created in the DCCloneConfig.xml file. The sample file, SampleDCCloneConfig.xml, is located in C:\Windows\System32. After creating the DCCloneConfig.xml file, copy it to the folder with the Active Directory database, which is normally the C:\Windows\NTDS folder. You can only clone source domain controllers that are members of the Cloneable Domain Controllers group in Active Directory. You can also only clone domain controllers that are not switched on; that is, you must shut down the appropriate domain controller before you can clone it.
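The prerequisites listed so far can be checked in one read-only pass on the source domain controller before it is shut down. The following script is an added example, not part of the original article: Test-DCCloneReadiness is a hypothetical helper name, it assumes the ActiveDirectory module is available, and it checks only direct membership of the Cloneable Domain Controllers group.

```powershell
# Added example: read-only pre-flight check, run on the source DC.
# Test-DCCloneReadiness is a hypothetical name, not a built-in cmdlet.
Import-Module ActiveDirectory

function Test-DCCloneReadiness {
    $local  = Get-ADDomainController -Identity $env:COMPUTERNAME
    $domain = Get-ADDomain
    $pdc    = Get-ADDomainController -Identity $domain.PDCEmulator

    # OperatingSystemVersion looks like "6.2 (9200)"; 6.2 is Windows Server 2012.
    $pdcVersion = [version](($pdc.OperatingSystemVersion -split ' ')[0])

    # Direct members of the group that authorizes a DC as a clone source.
    $members = @(Get-ADGroupMember -Identity 'Cloneable Domain Controllers' |
                 ForEach-Object { $_.distinguishedName })

    # Same device that Device Manager shows under System devices.
    $genCounter = Get-CimInstance -ClassName Win32_PnPSignedDriver `
        -Filter "DeviceName='Microsoft Hyper-V Generation Counter'"

    # Services and programs that are not known to be safe to clone.
    $excluded = @(Get-ADDCCloningExcludedApplicationList)

    $checks = [ordered]@{
        'PDC emulator runs Windows Server 2012 or later' =
            $pdcVersion -ge [version]'6.2'
        'Source DC does not hold the PDC emulator role' =
            $local.HostName -ne $pdc.HostName
        'Source DC is in Cloneable Domain Controllers' =
            $members -contains $local.ComputerObjectDN
        'VM generation ID device is present' =
            [bool]$genCounter
        'No applications excluded from cloning' =
            $excluded.Count -eq 0
    }

    foreach ($name in $checks.Keys) {
        [pscustomobject]@{ Check = $name; Passed = [bool]$checks[$name] }
    }
}

$report = Test-DCCloneReadiness
$report | Format-Table -AutoSize
if ($report | Where-Object { -not $_.Passed }) {
    Write-Warning 'Resolve the failed checks before exporting this DC.'
}
```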

Before adding the new domain controller to Active Directory, you must copy the DCCloneConfig.xml file customized by the cloning process from the source computer to the folder with the Active Directory database on the target computer, which is normally C:\Windows\NTDS. Windows modifies the name of the file to show that a cloning process has taken place. Change the name back to DCCloneConfig.xml.

Next, you can either create a new virtual machine and use the copied hard drive, or you can import the exported server with the Hyper-V Manager or PowerShell. When you import, select the option Copy the virtual machine. When you start the domain controller, it parses the DCCloneConfig.xml file and prepares itself for the cloning. You will also receive a corresponding message when Windows starts up.