Your network contains one Active Directory domain named contoso.com. The forest functional level
is Windows Server 2012. All servers run Windows Server 2012 R2. All client computers run Windows
8.1.
The domain contains 10 domain controllers and a read-only domain controller (RODC) named
RODC01. All domain controllers and RODCs are hosted on a Hyper-V host that runs Windows Server
2012 R2.
You need to identify which domain controllers are authorized to be cloned by using virtual domain
controller cloning.
Which cmdlet should you use?
A.
Get-ADGroupMember
B.
Get-ADDomainControllerPasswordReplicationPolicy
C.
Get-ADDomainControllerPasswordReplicationPolicyUsage
D.
Get-ADDomain
E.
Get-ADOptionalFeature
F.
Get-ADAccountAuthorizationGroup
Explanation:
One requirement for cloning a domain controller is an existing Windows Server 2012 DC that hosts
the PDC emulator role. You can run the Get-ADDomain and retrieve which server has the PDC
emulator role.
Example: Command Prompt: C:\PS>
Get-ADDomain
Output wouldinclude a line such as: PDCEmulator : Fabrikam-DC1.Fabrikam.comStep-by-Step: Domain Controller Cloning
http://blogs.technet.com/b/canitpro/archive/2013/06/12/step-by-step-domain-controllercloning.aspxGet-ADDomain
https://technet.microsoft.com/en-us/library/ee617224.aspx
The answer is A, Get-ADGroupMember which can be used to get the members of the “Clonable Domain Controllers” group.
Whilst a PDC emulator must be running, this doesn’t tell you which DCs are authorised to be cloned.
Answer: A
Get-ADGroupMember -Identity ‘Cloneable Domain Controllers’
https://technet.microsoft.com/en-us/library/jj574096.aspx
Answer = A
Get-ADGroupMember -Identity ‘Cloneable Domain Controllers’
Get-ADGroupMember
http://www.itnotes.eu/?p=2006