Building a virtual LAB that is prepared for snapshots


As a consultant and instructor I use my virtual labs every day for developing, testing and doing demos. My virtual lab has 2 Domain Controllers and and a member server for each role or version of a product that I need in my lab.

Most of my member servers has a lot of snapshots, so I can “travel” back and forward in time if I need to test stuff over and over again. Or if I’m testing a beta product where I get get new builds, so I don’t need to configure all the pre-requirements over and over again.

If you don’t want the member servers (the snapshots) to be locked out, you need to configure Group Policy so that computer accounts have a maximum password age of 999 days. By default, computer accounts change their passwords automatically every 30 days. If you are saving computer images or snapshots and restoring them later, this setting ensures that the disk images or virtual snapshots will be restorable for up to 999 days.

Configure the maximum computer account password age in Group Policy

  1. On a Domain Controller open the Group Policy Management Editor, and edit the Default Domain Policy.
  2. Expand PoliciesComputer ConfigurationPoliciesWindows SettingsSecurity SettingsLocal PoliciesSecurity Options.
  3. In the details pane, double-click Domain member: Maximum machine account password age.
  4. On the Security Policy Setting tab, select Define this policy setting, type 999, and then click OK.
  5. Close the Group Policy Management Editor and Group Policy Management consoles.



About Author

My name is Ronni Pedersen and I'm currently working as a Cloud Architect at APENTO in Denmark. My primary focus is Enterprise Client Management solutions, based on technologies like AzureAD, Intune, EMS and System Center Configuration Manager. I'm is also a Microsoft Certified Trainer and Microsoft MVP in Enterprise Mobility.

Leave A Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.