Your network contains two Active Directory forests named contoso.com and fabrikam.com. Each forest contains a single domain.
A two-way forest trust exists between the forests. Selective authentication is enabled on the trust.
Contoso.com contains a group named Group 1.
Fabrikam.com contains a server named Server1.
You need to ensure that users in Group1 can access resources on Server1.
What should you modify?
A.
the permissions of the Group1 group
B.
the UPN suffixes of the contoso.com forest
C.
the UPN suffixes of the fabrikam.com forest
D.
the permissions of the Server1 computer account
Explanation:
Please Check Answer
i think answer shall be D.
the permissions of the Server1 computer account
I think to JoJoBoy.
I agree, The allowed to authenticate permission needs enabling on the computer object when selective authentication is used
I agree, the answer is “D” If you look at the explaination that comes up when you create a forest trust with selective identification, it plainly states that you must grant Individual access to each domain and server that you want to make available to users (and I assume groups). You can do this in Active Directory users and computers. Go to “View” and enable “advanced features” then go to the properties of the server you want and you can add the user or group to permissions on the “Security” tab.
Oops, sorry, I meant “Selective Authentication” not “Selective Identification”.
It should be A.
D speaks of modifying the permissions OF the server.. not ON the server.
So you would be changing the permissions of the server, not the accounts ON the server.
Now, if that is a typo, and it says ON Server1.. then D would be your answer.