top of page

Novice Karate Group (ages 8 & up)

Public·23 members
John Duran
John Duran

PowerShell Hyper-V Cloning [NEW]

Sysprep resets information stored in Windows settings such as SID, event log, temporary folders, hostname, and time zone; you need to input this information for a VM clone with the First Run wizard after cloning a VM from the template. If your Windows copy has been activated, then the activation gets reset. Be aware that activation cannot be reset more than three times. If a source VM is joined to the Active Directory domain, your Hyper-V VM template and VMs cloned from said template will have the same Domain SID (note: this is not the same as the machine SID mentioned above).

PowerShell Hyper-V Cloning

Tick the Generalize checkbox, which will in turn reset Windows activation and remove system-specific information. It is recommended to enable this option for preventing possible activation issues after cloning a Hyper-V VM from a template.

There is no special role or feature installation for virtualized domain controllers; all domain controllers automatically contain cloning and safe restore capabilities. You cannot remove or disable these capabilities.

There are no procedural differences in the operation when using graphical tools such as the Hyper-V Management Console or command-line tools such as Windows PowerShell, so the steps are presented only once with both interfaces. This topic provides Windows PowerShell samples for you to explore end-to-end automation of the cloning process; they are not required for any steps. There is no graphical management tool for virtualized domain controllers included in Windows Server 2012.

This also means when using non-fully routed networks, virtualized domain controller cloning requires network segments with access to the PDCE. It is acceptable to move a cloned domain controller to a different network after cloning - just like a physical domain controller - as long as you are careful to update the AD DS logical site information.

When cloning a domain that contains only a single domain controller, you must ensure the source DC is back online before starting the clone copies. A production domain should always contain at least two domain controllers.

Any programs or services previously returned by Get-ADDCCloningExcludedApplicationList - and not added to the CustomDCCloneAllowList.xml - must be removed prior to cloning. Uninstalling the application or service is the recommended method.

The CustomDCCloneAllowList.xml file is optional unless you install applications or potentially incompatible Windows services on the source domain controller. The files require precise naming, formatting, and placement; otherwise, cloning fails.

CmdletArgumentsExplanationNew-ADDCCloneConfigFileCreates a blank DcCloneConfig.xml file in the DSA Working Directory (default: %systemroot%\ntds)-CloneComputerNameSpecifies the clone DC computer name. String data type.-PathSpecifies the folder to create the DcCloneConfig.xml. If not specified, writes to the DSA Working Directory (default: %systemroot%\ntds). String data type.-SiteNameSpecifies the AD logical site name to join during cloned computer account creation. String data type.-IPv4AddressSpecifies the static IPv4 address of the cloned computer. String data type.-IPv4SubnetMaskSpecifies the static IPv4 subnet mask of the cloned computer. String data type.-IPv4DefaultGatewaySpecifies the static IPv4 default gateway address of the cloned computer. String data type.-IPv4DNSResolverSpecifies the static IPv4 DNS entries of the cloned computer in a comma-separated list. Array data type. Up to four entries can be provided.-PreferredWINSServerSpecifies the static IPv4 address of the primary WINS server. String data type.-AlternateWINSServerSpecifies the static IPv4 address of the secondary WINS server. String data type.-IPv6DNSResolverSpecifies the static IPv6 DNS entries of the cloned computer in a comma-separated list. There is no way to set Ipv6 static information in virtualized domain controller cloning. Array data type.-OfflineDoes not perform the validation tests and overwrites any existing dccloneconfig.xml. Has no parameters.-StaticRequired if specifying static IP arguments IPv4SubnetMask, IPv4SubnetMask, or IPv4DefaultGateway. Has no parameters.Tests performed when run in online mode:

Snapshots are differencing disks that can return a domain controller to previous state. If you were to clone a domain controller and then restore its pre-cloning snapshot, you would end up with duplicate domain controllers in the forest. There is no value in prior snapshots on a newly cloned domain controller.

These paths are not configurable. After cloning begins, the cloning checks these locations in that specific order and uses the first DcCloneConfig.xml file found, regardless of the other folder's contents.

The final configuration step before starting the cloning process is creating a new VM that uses the disks from the copied source domain controller. Depending on the selection made in the copying disks phase, you have two options:

Once the computer restarts after cloning completes, it is a domain controller and you can logon on normally to confirm normal operation. If there are any errors, the server is set to start in Directory Services Restore Mode for investigation.

Unlike virtualized domain controller cloning, Windows Server 2012 virtualization safeguards have no configuration steps. The feature works without intervention as long as you meet some simple conditions:

I am writing a PowerShell script to clone existing hyper-v VMs/ create new VMs based on a template. Where ever I look the cmdlets Export-VM and Import-VM are used. However the cmdlet New-VM has the option to use an existing VHD aswell. Wouldn't just copying the VHD and creating a New-VM be easier? It's just 1 file instead of VHD + Virtual Machine Folder + setting a new Snapshot folder. (The Template has no Snapshots)

A: One caveat to be aware of when cloning a virtual machine is that any changes made to the cloned virtual machine will not be reflected in the original virtual machine. Also, if you change the original virtual machine after cloning it, those changes will not be reflected in the clone.

Once the DC has been successfully added to the required security group, we have to run Get-ADDCCloningExcludedApplicationList cmdlet to review the software that can potentially interact with our cloning operation. Note that not all applications can be used in this mechanism so the cmdlet will display a list with those must be excluded:

You can navigate to the XML path and view its content. Remember that if applications that were displayed when executing Get-ADDCCloningExcludedApplicationList are not added to the exclusion list, the whole cloning operation will fail so make sure to generate the XML file:

The cloned machine will automatically detect this file and configure the settings added here. The cmdlet will verify if the PDC Emulator role is hosted on the source DC, if the computer is member of the Cloneable Domain Controllers security group and if all programs and services that do not support this cloning operation have been placed in the CustomDCCloneAllowList XML file:

If you've had ANY involvement in the server virtualization world over the last number of years, surely you've witnessed (or maybe even participated) in the back and forth volley that made up the hypervisor wars. Which platform is better? Which has better features? Which is more mature? Which one costs less? Which is easier to deploy? The list goes on and on. Some of the battle skirmishes were funny to watch. Entertaining, if nothing else. And some, well, just made your eyes roll. And if you happened to have a dog in that hunt, some of the marketing FUD may have even boiled your blood -- not that anyone ever lied or stretched the truth in this war.But we're in 2014 now, and while the vendors may still be battling it out for market share, the war as we knew it really has calmed down. Many of the industry pundits out there are now calling the hypervisor a commodity play. And even though VMware still has a dominant share of the server virtualization market (one research firm has that number at 55%), Microsoft is, as many predicted, making heavy inroads with Hyper-V. Above and beyond cost, one of the reasons for this market share increase is the fact that Microsoft has done a really good job of playing catch up with feature parity to VMware. Although VMware is by no stretch letting up, so parity remains in flux. However, it's hard to argue against the fact that Microsoft has made great progress with Hyper-V.Case in point, Microsoft's most recent release of Windows Server 2012 R2 hit the streets after less than a year of development from Windows Server 2012. And that update didn't pull any punches. R2 was so much more than just another service pack release. In fact, Hyper-V in Windows Server 2012 R2 boasted quite a few significant product enhancements and new features.But one of those new features really helped fill a gap that previously received quite a few complaints from Hyper-V users; and without it, Hyper-V seemed less "enterprise-ready" when compared to its counterpart, VMware vSphere. Which feature am I talking about? Virtual machine live cloning or exporting. While it's been out and available for a while now, this feature may not be as widely known as you might think. I'm still receiving questions about the existence of this capability, so I thought I would shine a light on it.

Sounds funny, but believe it or not, it's real. Since its release in Windows Server 2012, Hyper-V supports cloning of Domain Controller VMs. Cloning may seem an incredibly naughty task for a domain controller! In fact, I grew up with my Active Directory practice of preferring to address all situations through dcpromo. This includes removing a failed domain controller, moving roles around and transferring to new hardware or a new virtual machine. Windows Server 2012 has a new option that you may want to consider with Hyper-V ... Or should you stick to how you've been doing Active Directory?


Welcome to the group! You can connect with other members, ge...
bottom of page