Your network contains an Active Directory domain named contoso.com. The domain contains a file server
named Server1 and a domain controller named DC1. All servers run Windows Server 2012 R2.
A Group Policy object (GPO) named GPO1 is linked to the domain.
Server1 contains a folder named Folder1. Folder1 is shared as Share1.
You need to ensure that authenticated users can request assistance when they are denied access to the
resources on Server1.
Which two actions should you perform? (Each correct answer presents part of the solution. Choose two.)
A.
Enable the Enable access-denied assistance on client for all file types policy setting for GPO1.
B.
Configure the Customize message for Access Denied errors policy setting of GPO1.
C.
Install the File Server Resource Manager role service on DC1.
D.
Install the File Server Resource Manager role service on Server1.
E.
Assign the Read Attributes NTFS permission on Folder1 to the Authenticated Users group.
Explanation:
* To configure access-denied assistance by using Group Policy
Open Group Policy Management. In Server Manager, click Tools, and then click Group Policy Management.
Right-click the appropriate Group Policy, and then click Edit.
Click Computer Configuration, click Policies, click Administrative Templates, click System, and then click
Access-Denied Assistance.
Right-click Customize message for Access Denied errors, and then click Edit.
Select the Enabled option.
Etc
*You can configure access-denied assistance within a domain by using Group Policy, or you can configure the
assistance individually on each file server by using the File Server Resource Manager console.
B and D
Agree.
https://4sysops.com/archives/access-denied-assistance-in-windows-server-2012/
I disagree to be honest. Answer “A” enables the feature, answer B is optional. If you don’t enable “Customize message for Access Denied” users will get a default message. When opening the GPO, this is shown in the help:
“If you do not configure this policy setting, users see a standard Access Denied message unless the file server is configured to display the customized Access Denied message. By default, users see the standard Access Denied message.”
I think it should be indeed A and D
To request assistance you should customize the default message.
I think B and D are correct