Your network contains one Active Directory domain named contoso.com. The forest functional level
is Windows Server 2012. All servers run Windows Server 2012 R2. All client computers run Windows
8.1.
The domain contains 10 domain controllers and a read-only domain controller (RODC) named
RODC01. All domain controllers and RODCs are hosted on a Hyper-V host that runs Windows Server
2012 R2.
You need to identify which domain controllers are authorized to be cloned by using virtual domain
controller cloning.
Which cmdlet should you use?
A.
Get-ADGroupMember
B.
Get-ADDomainControllerPasswordReplicationPolicy
C.
Get-ADDomainControllerPasswordReplicationPolicyUsage
D.
Get-ADDomain
E.
Get-ADOptionalFeature
F.
Get-ADAccountAuthorizationGroup
Explanation:
One requirement for cloning a domain controller is an existing Windows Server 2012 DC that hosts
the PDC emulator role. You can run the Get-ADDomain and retrieve which server has the PDC
emulator role.
Example: Command Prompt: C:\PS>
Get-ADDomain
Output wouldinclude a line such as: PDCEmulator : Fabrikam-DC1.Fabrikam.comStep-by-Step: Domain Controller Cloning
http://blogs.technet.com/b/canitpro/archive/2013/06/12/step-by-step-domain-controllercloning.aspxGet-ADDomain
https://technet.microsoft.com/en-us/library/ee617224.aspx
Provided answer is wrong. A DC has to be a member of the Cloneable Domain Controllers security group to be _authorized_ for cloning. To see the group members, run:
Get-ADGroupMember -Identity ‘Cloneable Domain Controllers’
agree, A. is the answer
I think that provided answer is right.
What you have misunderstood from the question is that it is asking just to verify which Domain controller is in the list for cloning. So for this reason i will go with the given answer.
I believe that provided answer is right.
What you have misunderstood from the question is that it is asking just to verify which Domain controller is in the list for cloning. So for this reason i will go with the given answer.
Provided answer is correct as one requirement for cloning a domain controller is an existing windows server 2012 DC that hosts PDC emulator role.
Yes, however, It says all DCs are already 2012 R2.
The PDC emulator ONLY needs to be on the server that has the same OS of the server you want to clone.
For example, If the PDC emulator is on a server 2008 R2 DC, and I have a Server 2012 R2 server, I cannot clone from that 2008 R2 DC. I must transfer the PDC Emulator role to another 2012 R2 DC then clone from that 2012 R2 DC.
In this question, all of the servers are already 2012 R2. So we dont need to care where the PDC emulator is.
We just have to identify which DCs are authorized to be cloned. You can have more than one DC that is allowed to be cloned, and only 1 DC per domain is allowed to have the PDC emulator.
So the answer is A.
provided answer is wong.
H-O-W-E-V-E-R….
There is another question that is very similar but asks
“You need to identify which domain controller MUST BE ONLINE when cloning a domain controller.”
In that case, the answer is D.
Get-ADDomain | Select-Object PDCEmulator
I hope this clears it up for you.
nice
Thanks MJG great sum up as I was positive it was A also but doubted myself when people started saying D
suring there is windows 2012 R2 DC,so what he need to do is to identify which server is member of cloneable domain controllers group
correct answer is A
run get-adgroupmember “cloneable domain controllers”