Azure Site Recovery (ASR): a great way to create a SharePoint test environment

Overview

IT Pros who have managed SharePoint farms know that it is difficult to set up a SharePoint test environment on premises. It takes money, time and effort to replicate a production SharePoint farm. Azure Site Recovery (ASR) is a cloud replication service that provides a great way to quickly create a SharePoint test environment.

  1. The Problem we are trying to solve
  2. The Solution: Azure Site Recovery to quickly and reliably create a SharePoint test environment
  3. Steps to Create a SharePoint test environment with ASR
    • 0: (optional) Create a local SP environment if you do not have one yet
    • 1: Check the requirements for ASR replication and prepare your servers
    • 2: Replicate your SP farm servers to Azure using ASR
    • 3: Using the ASR replica, create the SP Test Environment in Azure

The Problem: creating a SharePoint test environment – the traditional way – takes MONTHS

In my last IT Manager post, I was responsible for a SharePoint farm.  For a long time, we did not have the luxury of a test environment for SharePoint.  I was finally able to procure an HP Z220 workstation and used it for creating a SharePoint test environment.

I increased the memory and hard disk space on the HPZ220 and then used it to build a SharePoint test farm.  However, setting up this SharePoint test environment took 2 months time.  I spent time ordering and receiving the server and parts (upgrades).  And I spent time setting up the server and copying the production virtual machines – DC, Sql Server and SharePoint server – to the sandbox test environment.

The Solution: Azure Site Recovery – a quick and reliable mechanism to create a SharePoint test environment

What is Azure Site Recovery (ASR)? 

Azure Site Recovery is a business continuity and disaster recovery solution in the cloud.  You can protect on-premises servers or virtual machines by replicating them either to Azure or to a secondary site (data center).  If the primary data center location is down, you can fail over to the secondary site (Azure or the secondary data center).  Then when the primary site is back up and running, you can fail back to it.

Can Azure Site Recovery be used to create a SharePoint test environment?

Yes, since ASR can protect whole servers or virtual machines running different workloads, it can certainly replicate those SharePoint servers.  ASR can replicate all the components of a SharePoint farm:

  • Active Directory Domain Services (ADDS) Domain Controller (DC)
  • Sql Server
  • SharePoint server

ASR can take images of your Production servers.  From those images, you can then create application consistent replica servers – in the cloud or on the secondary site.  The replica servers may then be used as test servers in a SharePoint test environment.

The whole process is fast.  At home, I have a fiber optics connection.  I was able to replicate a 3-server SharePoint farm to Azure within a few days.  However, the speed of replication depends on your network’s speed and your network’s load.

Steps to create a SharePoint Test Environment with ASR

We will create the SharePoint test environment in three major steps.

0) Optional: if, like me, you want to create a local SharePoint environment – on your laptop at home – so that you can try out Azure Site Recovery, find out how to create such a SharePoint environment using Windows 10 and Windows Server 2016 Nested Virtualization step-by-step.

The following steps will be covered in separate posts.  Stay tuned:

1) Check the requirements for Azure Site Recovery (ASR) replication and prepare the SharePoint Farm’s servers
2) I will explain how to Set up a Recovery Services Vault in Azure and how to go through the Getting Started wizard.  Subsequently, we will start Replication of the SharePoint servers
3) Once we have replicated all the SharePoint servers, we can go ahead and Create a SharePoint test farm environment in the Cloud

Create a local SharePoint farm – on your laptop – using Windows 10 Hyper-V and Windows Server 2016 Nested Virtualization

  1. Overview
  2. The Problem: how to set up a SharePoint farm on your laptop
  3. The Solution: Hyper-V and Nested Virtualization
  4. Steps in Brief
  5. Detailed Steps

Overview

The combination of Windows 10 and Windows Server 2016 enables you to create a test lab on your local PC or laptop!  This is because most versions of Windows 10 have the Hyper-V feature available.  And Windows Server 2016 has a new feature called Nested Virtualization.  So you can easily create a virtual test lab consisting of one virtual machine hosting several other virtual machines!

Nested Virtualization on a Windows 10 laptop

Recently, I needed to create a SharePoint farm on my laptop.  This SharePoint farm would become my pseudo “Production” environment that I will then replicate to the cloud using Azure Site Recovery (ASR).  So Windows 10 and Windows Server 2016 were the perfect tools for the job.

Note: The solution presented in this post can be used to create any test lab (sandbox environment) – not just a SharePoint farm.

The Problem – how to set up a SharePoint farm on a laptop?

As mentioned earlier, I will be using Azure Site Recovery (ASR) to replicate my local SharePoint farm to the Cloud.  This means that I need nested virtualization.  I cannot use Windows 10 Hyper-V to create the three SharePoint VM’s because Windows 10 is not supported as an ASR host.  So I have to install a host server VM (Windows Server 2012 R2 or Windows Server 2016) on Windows 10 Hyper-V.  And subsequently, on this host server, I have to install the three SharePoint server VM’s.

Furthermore, having the SharePoint Farm VM’s hosted on Windows 10 does not represent a real production environment.  The chosen architecture – 3 SP Farm VM’s hosted on Windows Server 2016 host – is more realistic and represents the architecture of a real Production SharePoint farm.

The Solution – Hyper-V and Nested Virtualization:

In order to create a SharePoint farm with 3 servers: a DC, a Sql Server, and a SharePoint server, you either need 3 physical servers or 3 virtual machines.  At home, I do not have 3 physical servers.  VM’s are the only way to go.

Windows Server 2016 has a wonderful new feature called Nested Virtualization!!   Nested Virtualization is great for test scenarios and allows such a test lab to be created.  In previous Windows Server versions you could not nest a Hyper-V environment inside another Hyper-V environment.  Or at least, the nesting was not supported by Microsoft.

And certain versions of Windows 10 have the Hyper-V feature readily available.  You just need to turn it ON.  This allows you to create the Windows Server 2016 host Virtual Machine (VM) without installing any new software or applications.

Setting Up the SharePoint Farm – In Brief

  1. Check the software and hardware requirements on your laptop or desktop PC
  2. Turn Hyper-V feature ON in Windows 10
  3. Create a new VM and install Windows Server 2016 on it.  Enable Nested Virtualization for this VM.
  4. Set up networking for your SharePoint farm.  We will use a separate subnet for each SharePoint VM and we will link them up with RRAS.  You do not have to use this many subnets.  You can use one subnet for all your VM’s.  I chose to use 3 subnets because I wanted my environment to mimic a VNet in Azure.
  5. Install the 3 SharePoint VM’s: DC, Sql Server 2016, SharePoint 2016

Setting up the SharePoint Farm – Detailed Steps:

1. Check Windows 10 Hyper-V requirements:

Software requirements:

The following Windows 10 versions support Hyper-V virtualization: Enterprise, Professional and Education.

Hardware requirements:

Hyper-V normally requires at least 4GB memory.  However, for this SharePoint farm (1 host VM and 3 guest VM’s), at least 10 GB of RAM would be needed.  I recommend 16 GB of RAM.  With 16GB on your laptop or PC, you will have about 10 GB RAM left for the SharePoint farm.  I assigned 1GB RAM for the DC VM and 2GB RAM each for SharePoint VM and Sql Server VM.

Remember that Windows 10 OS uses about 2 GB and there is something called the host reserve which takes about 2.5GB (depending on how much physical RAM exists on the machine).

Other hardware requirements:

  • 64-bit Processor with Second Level Address Translation (SLAT).
  • CPU support for VM Monitor Mode Extension (VT-c on Intel CPU’s).

A good way to check on all the system requirements for Hyper-V is to run the command line utility systeminfo.exe.  Open a Command Prompt window and type systeminfo.exe.  The output of the command will contain a section on Hyper-V Requirements.  Make sure all tests return a “Yes”.

2. Turn Hyper-V Feature ON in Windows 10

In the Control Panel, start Programs and Features and click on “Turn Windows Features On or Off”.  Select the Hyper-V checkbox.  This includes “Hyper-V” platform and “Hyper-V Management Tools”.  Finally, perform a restart.

3. Create a new Windows Server 2016 VM and Enable Nested Virtualization.

1. Install Windows Server 2016 on this VM.  This Windows Server 2016 VM will host your SharePoint farm.

2. With the Windows Server 2016 VM OFF – in Windows 10 – run the following PowerShell commands:

Set-VMProcessor -VMName <VMName> -ExposeVirtualizationExtensions $true

Get-VMNetworkAdapter -VMName <VMName> | Set-VMNetworkAdapter -MacAddressSpoofing On

3. Under the VM settings for the Windows Server 2016 VM, turn OFF Dynamic memory for the VM

4. Give the VM enough memory.  I assigned 10 GB to the VM.

4. Set up networking for your SharePoint farm

I wanted the network of my lab to resemble a real Production environment and to mimic the virtual network (VNet) that is used in Azure.  So I configured Hyper-V for multiple subnets while using only one NIC.

On the Windows Server 2016 host:

      1. Create 4 Virtual Switches.  One external and 3 internal.
        I chose: 10.0.0.1/24 for the DC VM, 10.0.1.0/24 for Sql Server and 10.0.2.0/24 for the SharePoint VM.

        Hyper-V Switches
      2. Configure the network adapters on the Hyper-V host
      3. Configure Routing and Remote Access Service (RRAS) on the host.  RRAS acts as a software router and connects the subnets.
        1. In Server Manager, click on Manage – Add Roles and Features
        2. The first page is informational and may be skipped
        3. On the second page: choose Role-based or Feature-based installation
        4. Choose the server (local server) where the RRAS feature will be added
        5. Select Remote Access on the Roles page
        6. Under the Features page:
          1. select RAS Connection Manager Administration Kit (CMAK)
          2. under Remote Server Admin Tools – Role Admin Tools: select Remote Access Management Tools
        7. On the Role Services page, select “DirectAccess and VPN (RAS)” and select Routing
        8. When you are prompted to add features required by “DirectAccess and VPN (RAS)”, click YES.
        9. Make sure Routing is still selected
        10. Review the information on the Web Server Role (IIS) page
        11. Click Next on the Roles Services page
        12. Do a final confirmation and Install
        13. When it is done, Close the wizard
        14. Open the Routing and Remote Access application
        15. Right click on your server name and select “Configure and Enable Routing and Remote Access”
        16. Select Custom Configuration
        17. Select NAT and LAN Routing.  NAT allows your VM’s Intern
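
The switch creation, host adapter addressing and role installation in steps 1 to 3 can also be scripted. The following PowerShell is an added example, not from the original post; the switch names, the 'Ethernet' adapter name and the host addresses 10.0.1.1 and 10.0.2.1 are assumptions (10.0.0.1 matches the DefaultGateway used in the DSC script on this page). The NAT and LAN routing setup itself is still done in the Routing and Remote Access wizard as described.

```powershell
# Added example: run elevated on the Windows Server 2016 Hyper-V host VM.
# Switch names, the 'Ethernet' adapter name and the .1 host addresses are assumptions.

# One external switch bound to the host VM's only NIC; the host keeps using it.
New-VMSwitch -Name 'External' -NetAdapterName 'Ethernet' -AllowManagementOS $true | Out-Null

# Three internal switches, one per subnet used in the post.
# The value is the address the host takes on that subnet (the guests' gateway).
$subnets = [ordered]@{
    'SP-DC'  = '10.0.0.1'   # DC subnet, gateway used by the DSC script
    'SP-SQL' = '10.0.1.1'   # Sql Server subnet (10.0.1.0/24)
    'SP-WFE' = '10.0.2.1'   # SharePoint subnet (10.0.2.0/24)
}

foreach ($name in $subnets.Keys) {
    # An internal switch automatically gets a host adapter named "vEthernet (<switch>)".
    New-VMSwitch -Name $name -SwitchType Internal | Out-Null
    New-NetIPAddress -InterfaceAlias "vEthernet ($name)" `
                     -IPAddress $subnets[$name] `
                     -PrefixLength 24 | Out-Null
}

# Install the Remote Access role services selected in the wizard steps above.
Install-WindowsFeature -Name DirectAccess-VPN, Routing -IncludeManagementTools

# Review the result before configuring RRAS.
Get-VMSwitch | Select-Object Name, SwitchType
Get-NetIPAddress -AddressFamily IPv4 |
    Where-Object InterfaceAlias -like 'vEthernet (SP-*' |
    Select-Object InterfaceAlias, IPAddress, PrefixLength
```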

5. Create 3 new VM’s inside the Hyper-V Host

    1. Install the Domain Controller (DC).  You can use Desired State Configuration (DSC) to set up the ADDS Domain Controller automatically by using a script.  You can see the steps in my blog post on the subject.
    2. Install the Sql Server 2016 and
    3. SharePoint Server 2016

Build an on-premises Domain Controller (DC) using Desired State Configuration

In my last post I described how to create a DC, in Azure, using DSC and ARM Templates.  In this post, we will discuss how to automate the creation of a local – on premises – Active Directory Domain Services (ADDS) Domain Controller (DC) using DSC.

Overview

DSC has two modes: push mode and pull mode.

In push mode, you will author the configuration.  You will then stage the configuration by creating MOF files.  And finally, you will manually push the desired configuration onto the target server or node.  The target server can be the local server or a remote server.

On the other hand, in DSC PULL mode, you author the configuration and stage it onto a designated Pull server.  The target nodes contact the central pull server at regular intervals to obtain their desired configuration.

In our scenario, we will be using DSC in push mode.  We will author the configuration and push it onto the local Windows server (not remotely).

Details

Prerequisites

On the target Windows Server (Windows Server 2008 R2 SP1 and Windows Server 2012 or 2012 R2):

  1. Download and install Windows Management Framework (WMF).  WMF 5.0 is currently available and is the recommended version.
  2. Copy the script below to the target server
  3. Open the script below in PowerShell ISE as administrator
  4. Install the required PowerShell modules using Install-Module: xActiveDirectory, xComputerManagement, xNetworking and xStorage.

Run the script

Run the script in PowerShell ISE.  The BuildADDC call creates the .mof files, which contain the desired configuration.  Start-DscConfiguration then applies the configuration to the local server.  After about half an hour and one reboot, you will have a fully functional Domain Controller with a new user (domain admin).

# Configure all of the settings we want to apply for this configuration
$ConfigData = @{
    AllNodes = @(
        @{
            NodeName = 'localhost'
            MachineName = 'spfarm-ad'
            IPAddress = '10.0.0.4'
            InterfaceAlias = 'Ethernet'
            DefaultGateway = '10.0.0.1'
            PrefixLength = '24'
            AddressFamily = 'IPv4'
            DNSAddress = '127.0.0.1', '10.0.0.4'
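            # Lab-only setting: with PSDscAllowPlainTextPassword the credentials
            # are written to the generated .mof files in clear text
            PSDscAllowPlainTextPassword = $true
            # Suppresses the warning about using domain credentials in a configuration
            PSDscAllowDomainUser = $true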
        }
    )
}

Configuration BuildADDC {

    param (
        [Parameter(Mandatory)]
        [String]$FQDomainName,

        [Parameter(Mandatory)]
        [PSCredential]$DomainAdminstratorCreds,

        [Parameter(Mandatory)]
        [PSCredential]$AdmintratorUserCreds,

        [Int]$RetryCount=5,
        [Int]$RetryIntervalSec=30
    )

    Import-DscResource -ModuleName PSDesiredStateConfiguration
    Import-DscResource -ModuleName xActiveDirectory, `
                                   xComputerManagement, `
                                   xNetworking, `
                                   xStorage
 
    Node $AllNodes.NodeName 
    {
        LocalConfigurationManager 
        {
            ActionAfterReboot = 'ContinueConfiguration'            
            ConfigurationMode = 'ApplyOnly'            
            RebootNodeIfNeeded = $true  
        }

        # Change Server Name
        xComputer SetName { 
          Name = $Node.MachineName 
        }

        # Networking
        xDhcpClient DisabledDhcpClient
        {
            State          = 'Disabled'
            InterfaceAlias = $Node.InterfaceAlias
            AddressFamily  = $Node.AddressFamily
        }

        xIPAddress NewIPAddress
        {
            IPAddress      = $Node.IPAddress
            InterfaceAlias = $Node.InterfaceAlias
            PrefixLength   = $Node.PrefixLength
            AddressFamily  = $Node.AddressFamily
        }

        xDefaultGatewayAddress SetDefaultGateway
        {
            Address        = $Node.DefaultGateway
            InterfaceAlias = $Node.InterfaceAlias
            AddressFamily  = $Node.AddressFamily
            DependsOn = '[xIPAddress]NewIPAddress'
        }
       
        xDNSServerAddress SetDNS {
            Address = $Node.DNSAddress
            InterfaceAlias = $Node.InterfaceAlias
            AddressFamily = $Node.AddressFamily
        }

        # Install the Windows Feature for AD DS
        WindowsFeature ADDSInstall {
            Ensure = 'Present'
            Name = 'AD-Domain-Services'
        }

        # Make sure the Active Directory GUI Management tools are installed
        WindowsFeature ADDSTools            
        {             
            Ensure = 'Present'             
            Name = 'RSAT-ADDS'             
        }           

        # Create the ADDS DC
        xADDomain FirstDC {
            DomainName = $FQDomainName
            DomainAdministratorCredential = $DomainAdminstratorCreds
            SafemodeAdministratorPassword = $DomainAdminstratorCreds
            DependsOn = '[xComputer]SetName','[xDefaultGatewayAddress]SetDefaultGateway','[WindowsFeature]ADDSInstall'
        }   
        
        $domain = $FQDomainName.split('.')[0] 
        xWaitForADDomain DscForestWait
        {
            DomainName = $domain
            DomainUserCredential = $DomainAdminstratorCreds
            RetryCount = $RetryCount
            RetryIntervalSec = $RetryIntervalSec
            DependsOn = '[xADDomain]FirstDC'
        } 

        # Enable the Active Directory Recycle Bin
        xADRecycleBin RecycleBin
        {
           EnterpriseAdministratorCredential = $DomainAdminstratorCreds
           ForestFQDN = $domain
           DependsOn = '[xADDomain]FirstDC'
        }
        
        # Create an admin user so that the default Administrator account is not used
        xADUser FirstUser
        {
            DomainAdministratorCredential = $DomainAdminstratorCreds
            DomainName = $domain
            UserName = $AdmintratorUserCreds.UserName
            Password = $AdmintratorUserCreds
            Ensure = 'Present'
            DependsOn = '[xADDomain]FirstDC'
        }
        
        xADGroup AddToDomainAdmins
        {
            GroupName = 'Domain Admins'
            MembersToInclude = $AdmintratorUserCreds.UserName
            Ensure = 'Present'
            DependsOn = '[xADUser]FirstUser'
        }
        
    }
}

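# Build the MOF (Managed Object Format) files from the configuration defined above.
# They are written to a BuildADDC folder under the current directory.
# You are prompted for the Administrator credentials and for the new admin user's credentials.
BuildADDC -ConfigurationData $ConfigData `
          -FQDomainName 'spdomain.local' `
          -DomainAdminstratorCreds (Get-Credential -Message "Enter Admin Credentials" -UserName "Administrator") `
          -AdmintratorUserCreds (Get-Credential -Message "Enter New Admin User Credentials" -UserName "admin1")

# Apply the LocalConfigurationManager settings (localhost.meta.mof) so that
# RebootNodeIfNeeded and ActionAfterReboot take effect
Set-DscLocalConfigurationManager -Path .\BuildADDC -Verbose

# We now enforce the configuration using the command syntax below
Start-DscConfiguration -Wait -Force -Path .\BuildADDC -Verbose -Debug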
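
With PSDscAllowPlainTextPassword = $true, the administrator passwords passed to the configuration are written to the .mof file in clear text. The following is an added example (not part of the original script) showing the alternative: encrypting credentials in the MOF with a certificate and telling the LCM which certificate to decrypt with. It assumes Windows Server 2016 with WMF 5.x, an elevated session and a machine that is not a DC (it uses the built-in User resource); the names 'DscEncryptionCert', 'SecureCredsDemo' and 'dscdemo' are illustrative.

```powershell
# Added example, not part of the original script. Assumes Windows Server 2016
# (WMF 5.x), an elevated session, and a non-DC machine for the local User resource.
# 'DscEncryptionCert', 'SecureCredsDemo' and 'dscdemo' are illustrative names.

# 1. Create a document-encryption certificate on the target node. The private
#    key stays in the machine store; only the public key is exported.
$cert = New-SelfSignedCertificate -Type DocumentEncryptionCertLegacyCsp `
            -DnsName 'DscEncryptionCert' -HashAlgorithm SHA256 `
            -CertStoreLocation 'Cert:\LocalMachine\My'
$cerPath = Join-Path $env:TEMP 'DscPublicKey.cer'
$cert | Export-Certificate -FilePath $cerPath -Force | Out-Null

# 2. Point the configuration data at the public key instead of setting
#    PSDscAllowPlainTextPassword = $true.
$SecureConfigData = @{
    AllNodes = @(
        @{
            NodeName        = 'localhost'
            CertificateFile = $cerPath          # used at compile time to encrypt
            Thumbprint      = $cert.Thumbprint  # used by the LCM to decrypt
        }
    )
}

Configuration SecureCredsDemo {
    param (
        [Parameter(Mandatory)]
        [PSCredential]$UserCreds
    )

    Import-DscResource -ModuleName PSDesiredStateConfiguration

    Node $AllNodes.NodeName {
        LocalConfigurationManager {
            CertificateID = $Node.Thumbprint
        }

        User DemoUser {
            UserName = $UserCreds.UserName
            Password = $UserCreds
            Ensure   = 'Present'
        }
    }
}

# 3. Compile, then confirm the password in the MOF is a CMS-encrypted block.
$outDir = Join-Path $env:TEMP 'SecureCredsDemo'
SecureCredsDemo -ConfigurationData $SecureConfigData -OutputPath $outDir `
    -UserCreds (Get-Credential -Message 'Password for the demo user' -UserName 'dscdemo') | Out-Null

$mof = Get-Content -Path (Join-Path $outDir 'localhost.mof') -Raw
if ($mof -notmatch 'BEGIN CMS') {
    throw 'Credential was not encrypted; do not apply or store this MOF.'
}

# 4. Apply the LCM settings (CertificateID) first, then the configuration.
Set-DscLocalConfigurationManager -Path $outDir -Verbose
Start-DscConfiguration -Path $outDir -Wait -Force -Verbose
```

The same CertificateFile and Thumbprint keys and the CertificateID LCM setting can be added to the BuildADDC configuration data and LocalConfigurationManager block in place of PSDscAllowPlainTextPassword.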

Lessons Learned

Since the PowerShell xActiveDirectory module is being updated all the time, a DSC script that worked a year ago needs to be updated to work with WMF 5.0 (in the last quarter of 2016).

WMF 5.0 is included in the latest version of Windows 10 and included on Windows Server 2016.

Issues and Solutions

With some of the xActiveDirectory resources, the use of the fully qualified domain name (FQDN) produced an error: “Could not find mandatory property DomainName. Add this property and try again.”

Solution: use the first part of the domain name

Active Directory (ADDS) and Hyper-V posts on Spiceworks Community

I have written articles on the Spiceworks IT-Professionals Community:

I have written about virtual domain controllers (DC’s) on the Spiceworks IT Pro Community site.  The two articles are:

Migrate Active Directory domain controllers and keep the same hostname and ip address

We had 2 ADDS DC’s on 2 HP Proliant servers.  We purchased new HP servers and those DC’s needed to be moved to the new HP servers.  However, we wanted to keep the Domain Controller’s hostname and IP address the same.

Here you can find a step-by-step tutorial on how we did that.  We completed the migration in about 4 hours time with no active directory problems post the migration.

How to synchronize a virtual Domain Controller (DC) with a time source

In this article, I discuss the recommended way for an Active Directory Domain Services (ADDS) Domain Controller (DC) on a Hyper-V Virtual Machine (VM) to synchronize and update its time with a time source.

Normally, a Hyper-V guest VM gets its time from its host.  And the host gets its time from the DC with the PDC emulator role.  However, when the DC (with PDC emulator role) is on a guest VM, the Hyper-V host will try to synchronize its time with its own guest VM and the VM would in turn synchronize its time with its Hyper-V host.  Consequently, this can lead to time synchronization problems.

You can find the recommended solution in this article.  And it does not involve turning off the time Synchronization Integration Service on the VM.