You can use U-Move to migrate your Active Directory domain controller (DC) to a cloud service provider (CSP) such as Amazon AWS (EC2), Microsoft Windows Azure, Google Compute Engine, HP Cloud, or IBM. The CSP must offer a virtual machine (VM) that can run a compatible edition of Windows Server.
How to move Your Domain Controller to the Cloud
The initial steps for migrating your DC to the cloud are similar to the steps required to replace a domain controller on your internal network. First, install a compatible version of Windows Server on the target cloud VM, then prepare the target Windows Server to receive a snapshot of Active Directory.
The difference is that U-Move will not overwrite the Internet Address settings on the target VM. During the interview, U-Move will instead offer to skip moving the client Internet Address settings and the client DNS settings to the new VM.
Select the default choice and click Next.
DNS client settings
Because U-Move does not modify any client network settings on the cloud DC, you will need to make sure that the cloud DC correctly points to a DNS server that offers the necessary A and SRV records so that other computers in your production network can locate the cloud DC for Active Directory service.
If you are using a Virtual Private Network (VPN) to access your cloud DC, use the private Internet Address assigned by your VPN network provider.
If the cloud DC hosts its own local copy of DNS, then the configure the DNS client address on the cloud DC to point to itself (127.0.0.1 and ::1).
The Invocation ID is updated
When U-Move clones AD to the new DC, it will reboot the new DC with a new Invocation ID. The new DC will notify the other DCs that the DC was moved or restored from a backup copy. The other DCs will then synchronize and 'play back' all changes made to Active Directory since the snapshot was taken. This will bring the cloud DC up to date with the other DCs in the same domain.
Caution: Duplicate domain controller
Because the new cloud DC is an exact copy of your original DC, it is important that the old DC and the new DC do not attempt to provide Active Directory service at the same time. This can cause confusion in your production network and create errors in AD replication.
You must disconnect the old DC from your production network and retire it before you bring your new cloud DC online.
Using U-Move for disaster recovery
You can set up a standby DC for offsite disaster recovery (DR). Use the same steps described above. Run U-Move on your production DC to create a daily backup snapshot of AD (.BKF file). Upload the .BKF file to your DR site on a daily basis.
If a disaster occurs, boot your dormant disaster-recovery DC and load the AD snapshot on it. Change your organization's DNS records to point to the disaster-recovery DC. After the disaster ends, turn off the disaster-recovery DC and revert back to the original DC. (Note that this is effectively a read-only solution, unless you decide to clone AD back to the original DC after the disaster is over.)
|U-Move for Active Directory|