Your network contains an Active Directory domain named contoso.com.
All user accounts for the marketing department reside in an organizational unit (OU) named OU1. All user
accounts for the finance department reside in an organizational unit (OU) named OU2.
You create a Group Policy object (GPO) named GPO1. You link GPO1 to OU2. You configure the Group Policy
preference of GPO1 to add a shortcut named Link1 to the desktop.
You discover that when a user signs in, the Link1 is not added to the desktop.
You need to ensure that when a user signs in, Link1 is added to the desktop.
What should you do?
A.
Enforce GPO1.
B.
Enable loopback processing in GPO1.
C.
Modify the Link1 shortcut preference of GPO1.
D.
Modify the Security Filtering settings of GPO1.
Explanation:
Security filtering is a way of refining which users and computers will receive and apply the settings in a Group
Policy object (GPO). Using security filtering, you can specify that only certain security principals within a
container where the GPO is linked apply the GPO. Security group filtering determines whether the GPO as a
whole applies to groups, users, or computers; it cannot be used selectively on different settings within a GPO.
B to my opinion, as by default the sequrity filtering has the authenticated user option, with should be enough
I also don’t think D is correct for the same reason as above, however B is also not correct as you can configure the shortcut in the user settings which are already applied last, I think A is the correct answer as this stops other GPOs from overwriting this setting
Question says we create a new GPO. Every new gpo hast “Authenticated Users” added as default in the security so it’s not D.
since there are no signs the gpo is blocked or something, enforcing also wouldn’t do anything So A also fails.
Also loopback doesn’t do anything in this situation.
Only possibility is that something has gone wrong when creating the Shortcut in the GPO.
So i would go for C and have a look at the shortcut preferences.
I’d choose C.
Agree on C. It’s the only answer that seems to make sense, although the question is (true to form) ambiguous when it states: “…You discover that when a user signs in, the Link1 is not added to the desktop.”
The assumption is that the user is a Marketing Dept user, but that it not stated outright. But even with that ambiguity, the only reasonable answer you are left with is C.
Answer C) seems to be the right choice (modification of Actions to Replace).
https://technet.microsoft.com/en-us/library/cc753580.aspx
I would go for C as well, when you modify the shortcut, it gets recreated if it is no there, or over written. no need for security as every authenticated user has access to the policy be default.
C
answer is C:
in the shortcut preference u can force the shortcut to be created everytime a user logs on.
D is correct. GPO1 is only linked to OU2 so the user that logs on could be from the marketing department which resides in OU1. GPO1 will not apply to OU1 unless it is linked to OU1 or the security filtering options is changed to allow users from OU1.
I kind of agree with the way you’re thinking, but in this case, the question states this “You discover that when a user signs in, the Link1 is not added to the desktop.”, which includes all users, even the ones that are GPO linked on OU2. So you’d only use D if the question mentioned something like this: You need to ensure that Link1 is also added to users in OU1…
Agree with Dev7
You can’t assign a OU to a security filter only groups, users and computers….
The answer is C
The linked peference shortcut needs to be modified if it’s removed.
The answer is C
The linked preference shortcut needs to be modified if it’s removed.
In the properties of the Link1 shortcut preference of GPO1 in the Common find there is an option “Apply once and do not reapply”