You need to ensure that User1 can log on to DC10 if the network link between the Main site and the Branch site fails

Your network contains an Active Directory domain named contoso.com.
All domain controllers run Windows Server 2012 R2. The domain contains two domain controllers.
The domain controllers are configured as shown in the following table.

You configure a user named User1 as a delegated administrator of DC10.
You need to ensure that User1 can log on to DC10 if the network link between the Main site and
the Branch site fails.
What should you do?

Your network contains an Active Directory domain named contoso.com.
All domain controllers run Windows Server 2012 R2. The domain contains two domain controllers.
The domain controllers are configured as shown in the following table.

You configure a user named User1 as a delegated administrator of DC10.
You need to ensure that User1 can log on to DC10 if the network link between the Main site and
the Branch site fails.
What should you do?

A.
Add User1 to the Domain Admins group.

B.
On DC10, run ntdsutil and configure the settings in the Roles context.

C.
Run repadmin and specify the /prp parameter.

D.
On DC1, modify the User Rights Assignment in Default Domain Controllers Group Policy object (GPO).

Explanation:
repadmin /prp will allow the password caching of the local administrator to the RODC.
This command lists and modifies the Password Replication Policy (PRP) for read-only domain
controllers (RODCs).
https://technet.microsoft.com/en-us/library/cc755310%28v=ws.10%29.aspx



Leave a Reply to MountSwolmore Cancel reply4

Your email address will not be published. Required fields are marked *

19 − fifteen =


Starlin

Starlin

I had this question on my exam 2 weeks ago, and C was not one of the choices. Another dump is listing this options for this question:

A.On DC10, run ntdsutil and configure the settings in the Roles context.
B.On DC10, run ntdsutil and configure the settings in the Local Roles context.
C.Modify the properties of the DC10 computer account.
D.Run repadmin and specify /replsingleobject parameter.
E.On DC10, modify the User Rights Assignment in Local Policies.

And listing E as the right answer.

(I can’t really remember if these were the options i had, but im sure repadmin /prp was not there).

I’m going to test this to see which works.

snfonseka

snfonseka

In order to log to DC10 (when the link is down), User1’s password should be stored in DC10; am I right?

Dev7

Dev7

That goes without saying.