Which cmdlet should you use?

Your network contains one Active Directory domain named contoso.com. The forest functional level
is Windows Server 2012. All servers run Windows Server 2012 R2. All client computers run Windows
8.1.
The domain contains 10 domain controllers and a read-only domain controller (RODC) named
RODC01. All domain controllers and RODCs are hosted on a Hyper-V host that runs Windows Server
2012 R2.
You need to identify which domain controller must be online when cloning a domain controller.
Which cmdlet should you use?

Your network contains one Active Directory domain named contoso.com. The forest functional level
is Windows Server 2012. All servers run Windows Server 2012 R2. All client computers run Windows
8.1.
The domain contains 10 domain controllers and a read-only domain controller (RODC) named
RODC01. All domain controllers and RODCs are hosted on a Hyper-V host that runs Windows Server
2012 R2.
You need to identify which domain controller must be online when cloning a domain controller.
Which cmdlet should you use?

A.
Get-ADGroupMember

B.
Get-ADDomainControllerPasswordReplicationPolicy

C.
Get-ADDomainControllerPasswordReplicationPolicyUsage

D.
Get-ADDomain

E.
Get-ADOptionalFeature

F.
Get-ADAccountAuthorizationGroup

Explanation:
One requirement for cloning a domain controller is an existing Windows Server 2012 DC that hosts
the PDC emulator role. You can run the Get-ADDomain and retrieve which server has the PDC
emulator role.
Example: Command Prompt: C:\PS>
Get-ADDomain
Output wouldinclude a line such as: PDCEmulator : Fabrikam-DC1.Fabrikam.com
Incorrect:
Not A: The Get-ADGroupMember cmdlet gets the members of an Active Directory group. Members
can be users, groups, and computers.
Not E: The Get-ADOptionalFeature cmdlet gets an optional feature or performs a search to retrieve
multiple optional features from an Active Directory.
Not F: The Get-ADAuthorizationGroup cmdlet gets the security groups from the specified user,
computer or service accounts token.

Step-by-Step: Domain Controller Cloning
http://blogs.technet.com/b/canitpro/archive/2013/06/12/step-by-step-domain-controllercloning.aspx

Get-ADDomain
https://technet.microsoft.com/en-us/library/ee617224.aspx



Leave a Reply 5

Your email address will not be published. Required fields are marked *

eleven + 2 =


Bas

Bas

correct answer is A
run Get-ADGroupMember -Identity “Cloneable Domain Controllers”

Marcel

Marcel

That is not true, the right answer is definitely D (tested it in a lab environment).

Bas

Bas

Marcel is right, tested it by myself (output PDCEmulator): Answer = D

Michael

Michael

D is correct, DC that hosts the PDCE operation role needs to be online when cloning domain controllers.

Fréd

Fréd

Answer : D. Get-ADDomain -> You need to know if the PDC is online and where.

Wrong answer : E. Get-ADOptionalFeature -> because it’s for the recycled bin.