Your network contains an Active Directory domain named contoso.com. The domain
contains a domain controller named DC1.
You run ntdsutil as shown in the exhibit. (Click the Exhibit button.)
You need to ensure that you can access the contents of the mounted snapshot.
What should you do?
A.
From the snapshot context of ntdsutil, run activate instance “NTDS”.
B.
From a command prompt, run dsamain.exe -dbpath
c:\$snap_201204131056_volumec$\windows\ntds\ntds. dit -Idapport 389.
C.
From the snapshot context of ntdsutil, run mount {79f94f82-5926-4f44-8af0-
2f56d827a57d}.
D.
From a command prompt, run dsamain.exe -dbpath
c:\$snap_201204131056_volumec$\windows\ntds\ntds. dit -Idapport 33389.
Explanation:
By default, only members of the Domain Admins group and the Enterprise Admins group are
allowed to view the snapshots because they contain sensitive AD DS data. If you want to
access snapshot data from an old domain or forest that has been deleted, you can allow
nonadministrators to access the data when you run Dsamain.exe.
If you plan to view the snapshot data on a domain controller, specify ports that are different
from the ports that the domain controller will use.
A client starts an LDAP session by connecting to an LDAP server, called a Directory System
Agent (DSA), by default on TCP port and UDP [7] port 389. The client then sends an
operation request to the server, and the server sends responses in return. With some
exceptions, the client does not need to wait for a response before sending the next request,
and the server may send the responses in any order. All information is transmitted using
Basic Encoding Rules (BER).
http: //technet. microsoft. com/en-us/library/cc753609(v=ws. 10). aspx
I think the next step will be to mount the snapshot before using DSAMain.
Yes, you are right. you Need tomount it with Mount command.
Ans is C
Its already mounted if its viewable by that command. Also the question says “You need to ensure you can access the contents of the mounted snapshot”.
Answer is D
I vote: A
I believe we need to mount it first indeed.
Even in the image we have:
mount {…a57d}
http://technet.microsoft.com/en-us/library/cc753609(v=WS.10).aspx
Although it is not a requirement, you can schedule a task that regularly runs Ntdsutil.exe to take snapshots of the volume that contains the AD DS or AD LDS database.
2. Run Ntdsutil.exe to list the snapshots that are available and then mount the snapshot that you want to view.
3. Run Dsamain.exe to expose the snapshot volume as an LDAP server.
JohnyBoy ,You are Right in your steps and here we will start from step 3 as the snapshot already mounted so answer sure will be D.
I’ve just tried this.
You can see in the image “c:\$SNAP…” this means the image has been mounted.
Now we need to use dsamain to make it available in a specific port.
Correct answer is D
“You need to ensure that you can access the contents of the mounted snapshot”.
The question already states that the snapshot has already been mounted. Why would you mount it again?
The next logical step would be to run dsamain.exe
why Idapport 33389 and not -Idapport 389?
First of all, it’s LDAPport. WITH THE LETTER “L”
Jesus, you pricks trying to pass these MCSA exams by cheating and reading dumps don’t even know what the hell LDAP is? So many of these dumps are WRONG, the spelling is absoustely atrocious and the answers are horrible.
Did you not think for one second that it’s -ldapport and not -“i”dapport?
Do you even know what LDAP is?
Probably not.
Isn’t the ldapport TCP 380 anyway?
Here is the run through:
You are accessing a prior version of the AD Database (ntds.dit)
You run NTDSUTIL and run snapshot. Once in the snapshot sub command you run list all.
This shows any ntds.dit available.
Next you run the snapshot sub command MOUNT followed by the GUID:
snapshot: mount 0eda7cb7-1d0e-4c32-a0f4-6529342ez0f
Look on you your C:\ and you will see $snap-datehere_someothernumbers_VolumeC$\
So you now have an offline copy of the ntds.dit.
Now you need to make it ONLINE. So the issue is this: There is already and ntds.dit online and listening on port 389 (ldap).
You have to choose another port. I go with 60000.
You can then go into ADUC and right click on the domain and connect to another domain controller. Specify the name of the server that the $snap is on plus the port of 60000 (or whatever you chose) and you can now view the contents.
D is the correct answer. Snapshot: list all in ntdsutil command is showing which snapshot item is already mounted. You can not mount again an already mounted image (c:\$SNAP…). Now the next task is to view the snapshot and that process is shown in answer D