Your network contains an Active Directory domainnamed litwareinc.com.
The domain contains two sitesnamed Site1and Site2.
Site2contains a read-only domain controller(RODC).
You need to identify which user accounts attempted to authenticate to the RODC.
Which toolshould you use?
A.
Active Directory Users and Computers
B.
Ntdsutil
C.
Get-ADAccountResultantPasswordReplicationPolicy
D.
Adtest
Explanation:
Ntdsutilcannot be used for this.
http://technet.microsoft.com/en-us/library/cc753343.aspx
Get-ADAccountResultantPasswordReplicationPolicyis used to get the members of the allowed list or
denied list of a read-only domain controller’s password replication policy. GetADDomainControllerPasswordReplicationPolicyUsagecould be used, but is not listed.
http://technet.microsoft.com/en-us/library/ee617207.aspx
Adtestis used for perfomance testing.
Reference 1:
http://technet.microsoft.com/en-us/library/cc755310.aspx
Review whose accounts have been authenticated to anRODC
Periodically, you should review whose accounts havebeen authenticated to an RODC. (…)
You can use Active Directory Users and Computers orrepadmin /prp to review whose accounts have been
authenticated to an RODC.
Reference 2:
http://technet.microsoft.com/en-us/library/83a6daba-cdde-4606-97a3-6ebb9d7fa6bf(v=ws.10)#BKMK_Auth2
[Gives a step by step explanation on using Active Directory Users and Computers for this.]