Your network contains an Active Directory forest named contoso.com. The forest contains a single domain. All
domain controllers run Windows Server 2012 R2.
The domain contains two domain controllers. The domain controllers are configured as shown in the following
table.
Active Directory Recycle Bin is enabled.
You discover that a support technician accidentallyremoved 100 users from an Active Directory group named
Group1 an hour ago.
You need to restore the membership of Group1.
What should you do?
A.
Perform tombstone reanimation.
B.
Export and import data by using Dsamain.
C.
Perform a non-authoritative restore.
D.
Recover the items by using Active Directory Recycle Bin.
Explanation:
Accounts were not deleted, but only removed from group, so Recycle Bin and tombstone reanimation are not
options.
http://technet.microsoft.com/en-us/library/cc772168.aspx
In this article you will see in the syntax for this command, that you have no option to use DSAMAIN to export/import data. You can only view the AD snapshot.
Also, in another article:
http://technet.microsoft.com/en-us/library/cc753246(v=WS.10).aspx ,
one can find again that you can use AD database mounting tool, as a help only in viewing the AD content at the moment when the AD snapshot or backup was made and you cannot recover objects with it. That been said, which answer is the right one?
D
The answer is A – Perform Tombstone Reanimation.
First off we can eliminate B as Alex just mentioned we can only use DSAMAIN to view the snapshot.
C is wrong because Performing a Non-Authoritative restore should only be used when your Active Directory is corrupt and you need to restore a working copy of it. Once Active Directory has been restored it will be overwritten during replication.
D Recycle Bin can be used to restore objects and not changes made within those objects.
I’m seeing this question around with C as ‘authoritive restore” where it is the answer.
A and D are is, it says removed, not deleted.
I don’t think option C is correct.
A. Perform tombstone reanimation. (The only answer that will work)
B. Export and import data by using Dsamain. (Only shows content, can’t restore)
C. Perform a non-authoritative restore. (No point, Authoritative is required)
D. Recover the items by using Active Directory Recycle Bin. (Nothing was deleted)
how can A work? It does not for same reason as D, further MS says:
“Thus tombstone reanimation doesn’t provide a solution for recovering group memberships”
https://technet.microsoft.com/en-us/magazine/2007.09.tombstones.aspx
Among others, benefits of 2012 recycle bin is “restoring group membership”
D is not Correct: http://davidmtechblog.blogspot.com/2014/03/windows-server-2012-active-directory.html = “Restoring Group Membership” only works if the actual GROUP opbject was deleted from AD. “Restoring Group Membership” through the AD recycle bin will not work if users where merely removed from the gruop (NOTE: NOT DELETED OFF AD)
Using DSAMAIN you cannot export or import Objects directly, but you can use alternative tools like ldp, LDIFDE, ADSIEDIT to export items from the mounted DSAMAIN AD Snapshot and import it back into the live AD. So it could be a solution. https://www.petri.com/exporting-active-directory-snapshots-windows-server-2008
Any other comments or suggestions?
I think B or C could be correct, but can’t decide:
A – only works for deleted objects, does not restore memberships: https://www.google.de/search?q=Perform+tombstone+reanimation
B – I could undestand this solution as “somehow” import and export data by *also* using DSAMAIN, not as the only tool…with this point of view this answer could make some sense
C – could work: you have to however temporarily disable replication for affected DC…
D – as A: works for deleted objects but not on changes
opinions?
I had this question on my exam – with the exception that it was an Authoritative restore.
An Authoritative restore is the only real answer. You could load up a snapshot of AD and then manually add in all users, but that is a pain is not an answer.
Tombstone and the AD recycle bin will only work if the group is deleted (Tombstone reanimation will remove all the linked users anyway).
When is sales for cheap notre dame football jerseys? Find site: cheap vintage jerseys nba
Tyler Davis Jersey Amazon Shopper online retail,with link:
http://deliciosoysano.com/wp/?p=212
I am new york rangers hockey jerseys supplier online, take coupon code
here: cheap Major Wright jerseys
Great place to order cheap soccer jerseys under 10 by
Paypal. cheap nba youth jerseys
Ebay same style cheapjerseys us to offer. Online free shipping – chinese jersey site