I have done two things in the past to test AD in a private network. We used to use the VMware Converter to do P2Vs, which actually worked quite well. Our DCs at the time were Windows 2003 and later 2008 R2 VMs. We later began to do a straight clone of a 2008 R2 DC, but that required shutting down the DC. That particular DC didn't get much traffic, so we could afford to shut it down for an hour or two. We now are at Windows 2012 R2 DCs and I have so far shut down a DC once for cloning.
I don't know why a P2V would be clean for copying a running DC, where cloning sets off a lot of VSS errors, etc. There's probably an easily explained, known reason for it, but I'm not aware myself. I haven't tried cloning a live 2012 R2 DC, but I assume it would react the same way. 2012 R2 DCs are much more VM friendly and they are even clonable for production, if done correctly, but the MS instructions for it do say to shut down the source DC.
