Term
|
Definition
| Authentication and Kerberos Service Ticket Activity can be very slow over WAN links |
|
|
Term
| What does a Password Replication Policy specify |
|
Definition
| Which user account passwords can be replicated to a RODC |
|
|
Term
|
Definition
| If an RODC is not configured with a Password replication policy the the RODC will forward authentication request to the DCs in the hub office |
|
|
Term
|
Definition
| RODCs have the equilvent of a Local Admin group that you can put a user in to maintain the RODC without making that user a Domain Admin |
|
|
Term
| What is the server OSs,Domain/Forest Functional level for RODCs |
|
Definition
| 2003 for all and the one writable 2008 DC |
|
|
Term
| What utility do you have to run to ensure that you can deploy an RODC |
|
Definition
| Navigate to the \sources\adprep folder and run adprep /rodcprep if you have 2003 servers in your environment(remember that you must run /forestprep and /domainprep on the schema master as the Enterprise Admin first) |
|
|
Term
| What feature of Windows Server 2003 provides an RODC with replication consistency |
|
Definition
|
|
Term
| What does Contrained Delegation provide |
|
Definition
| Ensure that credentials cached on an RODC cannot be abused |
|
|
Term
| What does OSs does an RODC replicate from |
|
Definition
| a writable DC running 2008 or 2008R2 |
|
|
Term
| What two stages are need to create a RODC in ADDS |
|
Definition
| Prestage the RODC account(minimum of Domain Admin) then delegate the useror group that can attach the RODC to the prestaged account(if no delegation is set you must be a Domain/Enterprise Admin) |
|
|
Term
| What is the RSOP if a user has the Allow and the Deny RODC Password Repliation permission |
|
Definition
| The Deny takes precendence |
|
|
Term
| How can your control Domain-wide RODC Password replication policies for groups |
|
Definition
-Allowed RODC Password
Replication Group
-Denied RODC Password Replication Group. |
|
|
Term
| What groups are by default in the Denied RODC Password Replication Group |
|
Definition
| the Domain/Enterprise Admins, Group Policy Creator Owners |
|
|
Term
|
Definition
| Computers generate authentication ang service atcivity as well as users |
|
|
Term
| How can you configure RODC-specific Paswword Replication policies |
|
Definition
| Right-click on the RODC(ADAC>choose Properties>The Password Replication Policy |
|
|
Term
| What is the command-line tool to manage the group on a RODC |
|
Definition
Type dsmgmt, and then press Enter.
Type local roles, and then press Enter
Type add username administrators, where username is the pre-Windows 2000 logon name |
|
|
