If you have VM's it should be pretty easy, just clone a DC. Depending on the data you need to copy over, either copy the DC each time you need an update, or use scripts and export/import (LDIFDE or similar) to move data back and forth. If you have a client VM for the cloned DC you should be able to assign it 2 NIC's and bounce it back and forth between the two domains.
I did a very similar thing when I did an SBS swing migration a few years ago, I was able to have a domain-joined client VM talk back and forth between the two identical-yet-sandboxed-from-each-other domains by simply enabling/disabling interfaces on it as needed. Dave From: [email protected] [mailto:[email protected]] On Behalf Of Damien Solodow Sent: Monday, July 20, 2015 7:29 AM To: [email protected] Subject: [NTSysADM] Setting up a DC for dev/test? We have an account automation tool that does a lot of work with AD users/groups/etc, and after a recent hiccup there is strong interest in having a dev/test instance of the tool. The problem with that, is that it would need a non-live DC to talk to. :) So the question is, how do I safely have a non-production DC that can be easily (relatively) updated with data from our actual domain? Unfortunately since the automation support and contractor are remote, I don't see a way to airgap the test DC. One possibility I considered was to have a DC that lives in its own site, that doesn't perform outbound replication. But that has the issue of changes made to the local copy not necessarily being overwritten by inbound replication which would cause sync issues. Part of me thinks the right answer is a local VM that's isolated from the network, but then I'd have to have the contractor either run it locally (which would create issues around sending AD updates) or allow them console access to the VM from vCenter. Anyone have a good solution for this type of scenario? DAMIEN SOLODOW Senior Systems Engineer 317.447.6033 (office) 317.447.6014 (fax) HARRISON COLLEGE 500 North Meridian St Suite 500 Indianapolis, IN 46204-1213 www.harrison.edu<http://www.harrison.edu/> Attention: Information contained in this message and or attachments is intended only for the recipient(s) named above and may contain confidential and or privileged material that is protected under State or Federal law. If you are not the intended recipient, any disclosure, copying, distribution or action taken on it is prohibited. If you believe you have received this email in error, please contact the sender, delete this email and destroy all copies.
