Your network contains one Active Directory forest named contoso.com. The forest contains two
child domains and six domain controllers. The domain controllers are configured as shown in the
following table.
You create a trust between contoso.com and a domain in another forest at a partner company.
You need to prevent the sales.contoso.com and the manufacturing.contoso.com names from being
used in authentication requests across the forest trust.
What should you use?
A.
Set-ADSite
B.
Set-ADReplicationSite
C.
Set-ADDomain
D.
Set-ADReplicationSiteLink
E.
Set-ADGroup
F.
Set-ADForest
G.
Netdom
Explanation:
The Netdom trust command establishes, verifies, or resets a trust relationship between domains.
Parameters include /RemoveTLNEX:
Removes the specified top level name exclusion (DNS Name Suffix) from the forest trust info from
the specified trust. Valid only for a forest transitive non-Windows realm trust and can only be
performed on the root domain for a forest.Netdom trust
https://technet.microsoft.com/sv-se/library/Cc835085(v=WS.10).aspx
netdom is only valid for forest transtitive non-windows realm trust…the questions seems to imply this is a windows forest trust, so would it not be set-adforest?
Really good thread here: http://www.aiotestking.com/microsoft/you-need-to-prevent-the-salescontosocom-and-the-manufacturingcontosocom-names-from-being-used-in-authentication-requests-across-the-forest-trust/#comment-675183
It should be netdom
JeanMalot says:
May 18, 2016 at 1:38 pm
https://msdn.microsoft.com/fr-fr/library/cc786254(v=ws.10).aspx
“You can exclude existing name suffixes from routing to local forests by using the New Trust Wizard in Active Directory Domains and Trusts or by using the Netdom command-line tool.”
this settles it for me.
It’s G.