How to 'clone' 2k3 environment (AD, LAN, etc..) for lab?

I've got:
- A 2003 domain environment, running a couple of dozen servers - about
2/3 Win2k3, the rest Linux.
- Maybe 40 or 50 PCs - laptops and desktops, all running XP Pro as domain
members.
- Some users of the above-mentioned PCs are remote, connecting via
Win2k3's included VPN service.
- The servers provide MS-CRM, WWW, Exchange, database backends, etc...
- The various FSMO and GC roles are spread out among several different
servers.

- All is in one physical location, connected to the internet through a
Cisco router.
- In case it matters, *** NO NAT *** is in place - the internal machines
all use public addresses.

(This sounds like a 'word problem' from an MS exam!)

I'd like to create a lab environment to simulate my internal LAN and it's
internet connection. I
figure I'd use a couple of lightweight desktop PCs to represent
user/workstation PCs, as well as a
small handful of machines to serve as DCs and servers.

Presently, I'm not interested in the app-specific pieces - I don't really
care about Exchange, CRM,
SQL, etc... for this test environment. I suppose I can always clone the
individual app servers and add
them to the lab environment at a later time if necessary.

I *DO* need to test the LAN/routing bits of the environment - AD, DNS,
VPN, IIS come to mind.

I'm a little surprised, but I haven't found a good guide to this online.

==============
==============

I've considered building an additional DC, and leaving it on the
production LAN for a couple of days
to verify it's fully replicated, and then pulling it offline for use in
the lab. But I don't know how
that will work given that the FSMO and GC roles are spread out. I assume
it WOULD NOT contain all of
the information for every FSMO role and GC once it was off the production
network, right? So pieces of
the full environment would still be absent from the lab environment.

I've got Symantec/Veritas BackupExec implemented on the production LAN. It
occured to me I may be able
to run an IDR restore to a machine that could serve as a DC in the lab,
but I'd have to restore across
the production LAN, and at some point the newly restored machine would be
on the production LAN
simultaneously with the real, production server, causing SIG/GUID/IP
conflicts, potentially leading to
big problems in the production environment. I'd also need to do this for
several servers, or still be
absent the FSMO/GC data as described above.

I could simply build all-new servers on the LAN, but that isn't really an
accurate test.

==============
==============

Finally, what I think is the easy part, I'd want to include a mock
'internet' for my lab. I'm thinking
I'd just place a simple home router between the lab and the production
LAN, and let it pull a DHCP
address from the production LAN.


Have any of you ever done this sort of thing before? This is the first
time I've had the luxury of
enough hardware to try this (or enough VPC software and horsepower to run
it), and I'm not sure the
best way to proceed.

For any MS reps, I discovered the MS EEC project while searching for
methods to try this out - how
would the EEC engineers replicate the customer environment for their tests?

Thanks,
Steve


--
Using Opera's revolutionary e-mail client: http://www.opera.com/m2/

check out P2V from vmware.

"Steve Jacobs" <(E-Mail Removed)> wrote in message
news(E-Mail Removed)_tech.issgroup. net...
> I've got:
> - A 2003 domain environment, running a couple of dozen servers - about
> 2/3 Win2k3, the rest Linux.
> - Maybe 40 or 50 PCs - laptops and desktops, all running XP Pro as
domain
> members.
> - Some users of the above-mentioned PCs are remote, connecting via
> Win2k3's included VPN service.
> - The servers provide MS-CRM, WWW, Exchange, database backends, etc...
> - The various FSMO and GC roles are spread out among several different
> servers.
>
> - All is in one physical location, connected to the internet through a
> Cisco router.
> - In case it matters, *** NO NAT *** is in place - the internal machines
> all use public addresses.
>
> (This sounds like a 'word problem' from an MS exam!)
>
> I'd like to create a lab environment to simulate my internal LAN and it's
> internet connection. I
> figure I'd use a couple of lightweight desktop PCs to represent
> user/workstation PCs, as well as a
> small handful of machines to serve as DCs and servers.
>
> Presently, I'm not interested in the app-specific pieces - I don't really
> care about Exchange, CRM,
> SQL, etc... for this test environment. I suppose I can always clone the
> individual app servers and add
> them to the lab environment at a later time if necessary.
>
> I *DO* need to test the LAN/routing bits of the environment - AD, DNS,
> VPN, IIS come to mind.
>
> I'm a little surprised, but I haven't found a good guide to this online.
>
> ==============
> ==============
>
> I've considered building an additional DC, and leaving it on the
> production LAN for a couple of days
> to verify it's fully replicated, and then pulling it offline for use in
> the lab. But I don't know how
> that will work given that the FSMO and GC roles are spread out. I assume
> it WOULD NOT contain all of
> the information for every FSMO role and GC once it was off the production
> network, right? So pieces of
> the full environment would still be absent from the lab environment.
>
> I've got Symantec/Veritas BackupExec implemented on the production LAN. It
> occured to me I may be able
> to run an IDR restore to a machine that could serve as a DC in the lab,
> but I'd have to restore across
> the production LAN, and at some point the newly restored machine would be
> on the production LAN
> simultaneously with the real, production server, causing SIG/GUID/IP
> conflicts, potentially leading to
> big problems in the production environment. I'd also need to do this for
> several servers, or still be
> absent the FSMO/GC data as described above.
>
> I could simply build all-new servers on the LAN, but that isn't really an
> accurate test.
>
> ==============
> ==============
>
> Finally, what I think is the easy part, I'd want to include a mock
> 'internet' for my lab. I'm thinking
> I'd just place a simple home router between the lab and the production
> LAN, and let it pull a DHCP
> address from the production LAN.
>
>
> Have any of you ever done this sort of thing before? This is the first
> time I've had the luxury of
> enough hardware to try this (or enough VPC software and horsepower to run
> it), and I'm not sure the
> best way to proceed.
>
> For any MS reps, I discovered the MS EEC project while searching for
> methods to try this out - how
> would the EEC engineers replicate the customer environment for their
tests?
>
> Thanks,
> Steve
>
>
> --
> Using Opera's revolutionary e-mail client: http://www.opera.com/m2/