The testing that I have been doing of the SSLF baseline for XP workstations has been a fun challenge.
-Creating a new DC in a virtual environment
It seems as though even in a virtual environment, Microsoft still has to be a pain to work with at times. I know that this is a surprise. On Tuesday, I had successfully crashed my virtual DC (with some strange mutations visible in the RSOP prior to crash), which was followed by the fact that even after promoting my member server to a DC, I was still not able re-join my test workstation to the domain. Although it should have been a simple issue of moving the workstation into a workgroup and then back to the domain, it wasn't! The steps I had to take to re-create my virtual network are:
1) Create another virtual machine and install Server 2K3.
2) Remove all roles from original member server
3) Remove member server from domain (workstation already moved back to workgroup)
4) Run 'DCPROMO' on new server, setting up AD and DNS (a new subnet range had to used)
5) Move member server into new domain (Step 4 was done twice, with a new domain name used the second time. While I tried to keep the original domain name, this was unsuccessful. The MS an WS could ping, but not join to the domain.)
6) Establish roles on MS
7) Move workstation to new domain
It has been some time since I have done any major network admin. However, becuase I had to do some strange additional steps, I wonder if:
a) VMWare maintains a permenant routing table for bridged virtual networks?
b) even without doing any transfers, using images, shouldn't I have been able to just add at least the workstation ot the new domian through the progression: old domain->workstation->new domain?
In any event, it was right back to the SSLF adventure after this point.