- Active Directory Administration Cookbook
- Sander Berkouwer
- 126字
- 2021-06-24 14:42:11
Adding the domain controller to the Cloneable Domain Controllers group
In large organizations, the team responsible for managing Active Directory is usually a different team from the one managing the hypervisor platform. Through the integration components and/or VMware tools, the latter team might configure domain controllers for cloning and clone them, adding to the management burden of the Active Directory management team.
Therefore, the Active Directory team has to explicitly allow a domain controller to be cloned in Active Directory. The mechanism to do so is to add source domain controllers to the Cloneable Domain Controllers group.
The following line of PowerShell accomplish this for a source domain controller named DC03 in the lucernpub.com Active Directory domain:
Add-ADGroupMember "Cloneable Domain Controllers" "CN=DC03,OU=Domain Controllers,DC=lucernpub,DC=com"