You must create a group in AD that contains all the cloned desktops that you want to exclude from entitlement. The group is an OU. The OU is a directory object in HPCA Enterprise, which you can associate with a policy that denies patch services to this OU. For more information, see Denying Patch Services to Cloned Desktops.
To create a new group for cloned desktops in the Active Directory:
Note: If you add more cloned desktops to your network, ensure that they are added to this group. It is not done automatically.