Announcement

Collapse
No announcement yet.

Duplicating whole AD structure to another server with Export/Import utility

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Duplicating whole AD structure to another server with Export/Import utility

    Hello Everyone

    I need to export the whole infrastructure of a single domain (60.000 users, 90.000 Groups, 45.000 Computers and some hundreds of OUs) so I can reimport to a virtual machine and create a Test Environment.
    At the moment I have no possiblity to create another DC and detach it from network (just because I don't have admin rights in domain), so I was thinking the best way is use some utils like ldifde. Made some tries with syntax but cannot find a way to make a clean import of exported data

    What do I need exactely? Few things:

    1) The whole OU structure to be recreated
    2) The full list of users, groups and computer accounts (also membership would be great but not mandatory)
    3) Don't need GPO (even though it would be great to have them)

    Notes:
    1) I don't need passwords, so random ones or blank is ok
    2) Source forest has Exchange 2003 and destination forest doesn't! I think this could be a problem; in case needed I can install exchange on destination forest
    3) I actually need all users informational attributes (general, address, telephones and organization)

    Any suggestions?
    Thanks !
    Luke and Max Hit the Road

  • #2
    Re: Duplicating whole AD structure to another server with Export/Import utility

    I can think of a couple of options.

    1) Restore a backup of your production environment to the VS though you may run into compatibility issues

    2) Swing Migration style...
    -Join the VS to the domain
    -run dcpromo on VS
    -separate the VS from the domain
    -run metadata cleanup in the production environment to remove traces of the VS
    -on the VS seize all the FSMO roles and make it a GC
    -run metadata cleanup on the VS to remove all the production DCs

    Other, more experienced, people may have better solutions for you.
    Regards,
    Jeremy

    Network Consultant/Engineer
    Baltimore - Washington area and beyond
    www.gma-cpa.com

    Comment


    • #3
      Re: Duplicating whole AD structure to another server with Export/Import utility

      Thanks for your help
      but you probably missed a "little" particular I wrote on my post
      quote: "I don't have admin rights in domain"
      so No admin rights, No DCpromo
      Luke and Max Hit the Road

      Comment


      • #4
        Re: Duplicating whole AD structure to another server with Export/Import utility

        Yup, I missed that.

        EDIT - could a domain Admin do steps for you and then on the vs just change the admin account password? Just a thought.
        Last edited by JeremyW; 26th October 2006, 15:46.
        Regards,
        Jeremy

        Network Consultant/Engineer
        Baltimore - Washington area and beyond
        www.gma-cpa.com

        Comment


        • #5
          Re: Duplicating whole AD structure to another server with Export/Import utility

          according to this KB you need admin rights to both import and export from AD, You have the right idea, but you will need to talk to the admin's.


          Quote from link

          Export the organizational units from the source domain

          1. Log on as Administrator in the Export domain. If you log on using an account that does not have administrative privileges, you may not be able to perform export and import operations against the Active Directory.
          "...if I turn out to be particularly clear, you've probably misunderstood what I've said” - Alan Greenspan

          Comment


          • #6
            Re: Duplicating whole AD structure to another server with Export/Import utility

            Have you considered using GPMC scripts ?
            http://technet2.microsoft.com/Window....mspx?mfr=true
            Guy Teverovsky
            "Smith & Wesson - the original point and click interface"

            Comment


            • #7
              Re: Duplicating whole AD structure to another server with Export/Import utility

              Hello there
              I think I found the easiest way to export with no admin rights
              Usually, the easiest solution is the best one ehhe
              Code:
              csvde -f \outusers.csv -d "dc=projectsr2,dc=net" -l "DN,objectClass,ou,description,distinguishedName,cn,department,title,mail,telephonenumber,mobile,physicalDeliveryOfficeName" -r "(objectClass=user)"
              csvde -f \outou.csv -d "dc=projectsr2,dc=net" -l "DN,objectClass,ou,description,distinguishedName,cn,department,title,mail,telephonenumber,mobile,physicalDeliveryOfficeName" -r "(objectClass=organizationalUnit)"
              csvde -f \outgroups.csv -d "dc=projectsr2,dc=net" -l "DN,objectClass,ou,description,distinguishedName,cn,department,title,mail,telephonenumber,mobile,physicalDeliveryOfficeName" -r "(objectClass=group)"
              csvde -f \outcomputers.csv -d "dc=projectsr2,dc=net" -l "DN,objectClass,ou,description,distinguishedName,cn,department,title,mail,telephonenumber,mobile,physicalDeliveryOfficeName" -r "(objectClass=computer)"
              and then reimport them in new domain.
              You don't need admin right to export those fields from AD This is the best thing
              Also, Exchange fields are not exported, so I don't have to install E2K3 on destination domain.
              Luke and Max Hit the Road

              Comment


              • #8
                Re: Duplicating whole AD structure to another server with Export/Import utility

                Originally posted by guyt View Post
                Have you considered using GPMC scripts ?
                http://technet2.microsoft.com/Window....mspx?mfr=true
                Wow... some of them are really useful.
                I also found some interesting methods to catch information from AD by just taking a look at source code on those scripts
                Thanks so much !!!
                Luke and Max Hit the Road

                Comment

                Working...
                X