Tag Archives: identity

Cloning Windows Server 2016 Domain Controllers

Cloning

Overview

Using virtualization technologies certainly sounds exciting when it comes to your Domain Controllers in a Windows Server 2016 environment. After all, think about scalability. You need more of it, just clone an existing Domain Controller and add the additional clone to your infrastructure.

The Steps

To ensure cloning is a success, Microsoft outlines a process for us and provides us with some new tools.

Step 1: On the virtual machine you want to clone (the source VM), run the Get-ADDCCloningExcludedApplicationList cmdlet. This shows you services and applications you might have installed on the Domain Controller that do not support cloning. Uninstall any that are true concerns.

Step 2: Rerun Get-ADDCCloningExcludedApplicationList with the -GenerateXml and -Path arguments in order to create an allow list XML file.

Step 3: Add your source VM you want to clone to the Cloneable Domain Controllers group. You can use the Add-ADGroupMember cmdlet or the GUI for this.

Step 4: Create a cloning configuration file for your new system. This XML file provides parameters like computer name and IP address for the new virtual machine. The easiest way to create this file is to use the PowerShell cmdlet of New-ADDCCloneConfigFile cmdlet.

Step 5: Shut down your source VM and duplicate it to create your clone. I recommend the Export and Import approach for the VM to ensure you get all your snapshots and other goodies.

Step 6: Boot your cloned Domain Controller and watch as the process of AD Cloning completes at startup.

Adding Active Directory to Windows Server 2016 Core

Server 2016

Overview of Active Directory and Windows Server 2016 Core

What is the trimmest, slimmest Windows Server 2016 system you can spin up these days? Well, that is Nano Server. But unfortunately, Nano Server does not support hosting Active Directory in any variation. In steps “Server Core” for Windows Server 2016. In this post, I outline just how easy it is to add Active Directory (and a Domain Controller) using this Graphical User Interface-less version of Windows Server 2016.

The Steps

How do we get Active Directory implemented in a “normal” GUI-based version of Windows Server 2016? Well of course we use the Add Roles and Features Wizard launched from Server Manager. We then engage in two steps. We add Active Directory Services, and then we promote the server to a Domain Controller. Nothing changes in Server Core! Except, since there is no GUI, we MUST use Windows PowerShell in order to perform these two steps. Interestingly, we could have done it this way in the Desktop Experience version of Windows Server 2016 as well.

Installing Active Directory with PowerShell in Server Core

In order to perform the first step, installing AD, follow these simple steps:

  1. At the Server Core Command Prompt window, launch Windows PowerShell using the powershell command.
  2. In Windows PowerShell, use the following command:
Install-WindowsFeature -Name AD-Domain-Services -IncludeManagementTools

Be sure to stick around and receive confirmation of success from the system.

Promoting Server Core to a Domain Controller

Here is the process for your second step, the promotion of the Server Core system to a Domain Controller:

  1. At the Server Core Command Prompt window, launch Windows PowerShell using the powershell command.
  2. In Windows PowerShell, use the following command:
Install-ADDSForest -DomainName nuggetlab.com

You will need to provide Directory Services Restore Mode password and press Enter.

Just as with the larger Desktop Experience version of Windows Server 2016, your nimble Server Core needs a reboot when this promotion process is complete.

Deploying and Managing Active Directory with Windows PowerShell: Tools for cloud-based and hybrid environments