Which two actions should you perform?

Your network contains an Active Directory domain named contoso.com. The domain contains a file
server named Server1 and a domain controller named DC1. All servers run Windows Server 2012
R2. A Group Policy object (GPO) named GPO1 is linked to the domain.
Server1 contains a folder named Folder1. Folder1 is shared as Share1.
You need to ensure that authenticated users can request assistance when they are denied access
to the resources on Server1.
Which two actions should you perform? (Each correct answer presents part of the solution. Choose
two.)

Your network contains an Active Directory domain named contoso.com. The domain contains a file
server named Server1 and a domain controller named DC1. All servers run Windows Server 2012
R2. A Group Policy object (GPO) named GPO1 is linked to the domain.
Server1 contains a folder named Folder1. Folder1 is shared as Share1.
You need to ensure that authenticated users can request assistance when they are denied access
to the resources on Server1.
Which two actions should you perform? (Each correct answer presents part of the solution. Choose
two.)

A.
Assign the Read Attributes NTFS permission on Folder1 to the Authenticated Users group.

B.
Install the File Server Resource Manager role service on Server1.

C.
Configure the Customize message for Access Denied errors policy setting of GPO1.

D.
Enable the Enable access-denied assistance on client for all file types policy setting for GPO1.

E.
Install the File Server Resource Manager role service on DC1.

Explanation:
http://technet.microsoft.com/en-us/library/hh831402.aspx#BKMK_1

← Previous question

Next question →

Leave a Reply 10

Hank

I think this should be C and D. Everything in this question seems to be pointing to GP as the answer and GP is usually preferred anyway. If you look at the link provided, https://technet.microsoft.com/en-us/library/hh831402.aspx#BKMK_1, it shows that you can do this either through GP or through FSRM on the server but I would think GP would be preferred if it is possible.

Reply

snfonseka

Answer is C and D. Because “Install the File Server Resource Manager role service on Server1” is not enough. You need to configure it.

Reply

rlado

Agree, you must have a FSRM first.

Reply

mist74

If you not customize then default message will be dispalyed. Because of that customization is not demanded. FSRM is demanded, because without it all GPO work will not get any profits.

Reply

Ricky

Mist74 is correct. Some of you here really lack the fundamentals to even 70-411 stuff. Pathetic.

Yes, GPO is the preferred way to go as per Hank’s reply. However, FSRM related GPOs will only affect servers that have the FSRM role installed. You would need to install FSFRM first, then the second step would be to either manually configure the settings on the server itself OR configure GPO.

Reply

Moli

Bullshit Ricky…Before you talk about other Peoples you should first research a little bit…as a lot People already mentioned here, there are two ways of deploying Access denied Assistance. 1. With GPO only or 2. With FSRM and GPO configured.

They dont ask to achieve this by FSRM…so i think i would go for the GPO only. I would go for C + D.

Reply

Leg01as

Answers are correct. You cant configure “it” without installing FSRM. 2 ways to get this done is FSRM and GPO

B,D

Reply

Moli

Sure you can without installing FSRM…..

Reply

Nobody

I agree with snfonseka

Reply

joni

i think is c an D, becouse in a Domain you can configure the access denied Request with the GPO,s

Reply