Cloning Active Directory Domain Controllers

Posted by


A new feature in Server 2012 allows domain controllers to be cloned to allow easy domain controller provisioning. We will demonstrate the main steps required to achieve this using PowerShell.

You need to meet a few pre-requisites before actually cloning the domain controller:

  1. The PDC emulator FSMO role must be held on a Windows 2012 Domain Controller
  2. The server to be cloned must be running Windows Server 2012
  3. The Hypervisor must support DC cloning – (Hyper-V 3) (if the hypervisor is not supported for DC cloning, the DC will reboot into DSRM mode)
  4. You need to be a member of local administrators on the Hyper-V host
  5. To use the export / import feature on two different hyper-v servers make sure the virtual network switch is named the same
  6. You should not clone a VHD or restore a snapshot that is older than the tombstone lifetime value (or the deleted object lifetime value if Active Directory Recycle Bin is enabled). If you are copying a VHD of an existing domain controller, be sure the VHD file is not older that the tombstone lifetime value (by default, 60 days). You should not copy a VHD of a running domain controller to create clone media.

Follow these steps to clone your domain controller:

  1. Add the domain controller to be cloned to the Cloneable Domain Controllers Group


Add the computer to the group using powershell commandlet

Add-ADGroupMember –Identity “CN=Cloneable Domain Controllers,CN=Users,DC=Labchild,DC=labdomain,dc=com” –Member “DOMAIN CONTROLLER DN”

2. Check the PDC role is running on a 2012 domain controller



3. Check the list of excluded applications / applications which are not supported for DC Cloning



4. If any applications were found make sure you resolve these issue prior to cloning the applications then make the excluded application XML file


5. Create the clone config file



6. From the hyper-v host stop the virtual machine to be cloned, then delete any snapshots from the machine



7. Export the VM now to a folder


8. The VM can now be imported either on the same Hyper-V host or another




9. Start the new VM