You need to ensure that a user named Contoso\\User1 can…

Your network contains an Active Directory domain named contoso.com. All domain controllers run Windows
Server 2012 R2.
In a remote site, a support technician installs a server named DC10 that runs Windows Server 2012 R2. DC10
is currently a member of a workgroup.
You plan to promote DC10 to a read-only domain controller (RODC).
You need to ensure that a user named Contoso\\User1 can promote DC10 to a RODC in the contoso.com
domain.
The solution must minimize the number of permissions assigned to User1.
What should you do?

Your network contains an Active Directory domain named contoso.com. All domain controllers run Windows
Server 2012 R2.
In a remote site, a support technician installs a server named DC10 that runs Windows Server 2012 R2. DC10
is currently a member of a workgroup.
You plan to promote DC10 to a read-only domain controller (RODC).
You need to ensure that a user named Contoso\\User1 can promote DC10 to a RODC in the contoso.com
domain.
The solution must minimize the number of permissions assigned to User1.
What should you do?

A.
From Active Directory Administrative Center, pre-create an RODC computer account.

B.
FromNtdsutil, run the local roles command.

C.
FromDsmgmt, run the local roles command.

D.
Join DC10 to the domain. Run dsmod and specify the /server switch.

Explanation:
A staged read only domain controller (RODC) installation works in two discrete phases:
1. Staging an unoccupied computer account
2. Attaching an RODC to that account during promotion

Show Hint

Leave a Reply 1

Your email address will not be published. Required fields are marked *