Hey @jformacek, I wonder if you could please expand SidCloner.formats.ps1xml to also show Win32Exception.Message in the last column in case of an error. I have seen customers struggle with meeting the requirements, and not seeing the actual error messages, .e.g., "The operation requires that destination domain auditing be enabled".
Unfortunately, I only noticed that the CloneResult return value actually had the ErrorDetail property after implementing my own wrapper of the IDL_DRSAddSidHistory RPC call. But at least I discovered this call could do intra-domain SID cloning as well, not just cross-forest, if the DS_ADDSID_FLAG_PRIVATE_DEL_SRC_OBJ flag is used.
Hey @jformacek, I wonder if you could please expand
SidCloner.formats.ps1xmlto also showWin32Exception.Messagein the last column in case of an error. I have seen customers struggle with meeting the requirements, and not seeing the actual error messages, .e.g., "The operation requires that destination domain auditing be enabled".Unfortunately, I only noticed that the
CloneResultreturn value actually had theErrorDetailproperty after implementing my own wrapper of the IDL_DRSAddSidHistory RPC call. But at least I discovered this call could do intra-domain SID cloning as well, not just cross-forest, if theDS_ADDSID_FLAG_PRIVATE_DEL_SRC_OBJflag is used.