Your network contains two Active Directory forests named contoso.com and adatum.com.
Each forest contains one domain. Contoso.com has a two-way forest trust to adatum.com.
Selective authentication is enabled on the forest trust.
Contoso contains 10 servers that have the File Server role service installed. Users
successfully access shared folders on the file servers by using permissions granted to the
Authenticated Users group.
You migrate the file servers to adatum.com.
Contoso users report that after the migration, they are unable to access shared folders on
the file servers.
You need to ensure that the Contoso users can access the shared folders on the file
servers.
What should you do?
A.
Disable selective authentication on the existing forest trust.
B.
Disable SID filtering on the existing forest trust.
C.
Run netdom and specify the /quarantine attribute.
D.
Replace the existing forest trust with an external trust.
Explanation:
Ref: http://technet.microsoft.com/en-us/library/cc794713(v=ws.10).aspx
B.
Disable SID filtering on the existing forest trust.
the question states that “Authenticated users” group is set to enable access. Since this is a well-known SID, how should disabled SID filtering help? Since selective authentication is used it would not work unless you modify the ACL of the AD computer objects of the file servers…or just disable selective authentication
Hi folks, if the answer is “B”, then tell us how you will configure?You do not know how? I also do not know.
The answer is “C”.
The answer is A. Disable Selective Authentication.
In this case you are migrating the files and SID filtering will work for users not for files.