You need to ensure that a user named Contoso\User1 can promote DC10 to a RODC in the contoso.com domain

Your network contains an Active Directory domain named contoso.com. All domain controllers run
Windows Server 2012 R2.
In a remote site, a support technician installs a server named DC10 that runs Windows Server 2012
R2. DC10 is currently a member of a workgroup.
You plan to promote DC10 to a read-only domain controller (RODC).
You need to ensure that a user named Contoso\User1 can promote DC10 to a RODC in the
contoso.com domain. The solution must minimize the number of permissions assigned to User1.
What should you do?

Your network contains an Active Directory domain named contoso.com. All domain controllers run
Windows Server 2012 R2.
In a remote site, a support technician installs a server named DC10 that runs Windows Server 2012
R2. DC10 is currently a member of a workgroup.
You plan to promote DC10 to a read-only domain controller (RODC).
You need to ensure that a user named Contoso\User1 can promote DC10 to a RODC in the
contoso.com domain. The solution must minimize the number of permissions assigned to User1.
What should you do?

A.
From Active Directory Users and Computers, run the Delegation of Control Wizard on the
contoso.com domain object.

B.
From Active Directory Administrative Center, pre-create an RODC computer account.

C.
From Ntdsutil, run the local roles command.

D.
Join DC10 to the domain. Run dsmod and specify the /server switch.

Explanation:
A staged read only domain controller (RODC) installation works in two discrete phases:
1. Staging an unoccupied computer account
2. Attaching an RODC to that account during promotion

Install a Windows Server 2012 R2 Active Directory Read-Only Domain Controller (RODC)



Leave a Reply 3

Your email address will not be published. Required fields are marked *


Michael

Michael

B is correct,since the server isn’t part of the domain you can pre-stage it in AD.