PrepAway - Latest Free Exam Questions & Answers

Which naming context should you use?

HOTSPOT
Your network contains an Active Directory forest named contoso.com. The forest contains a single
domain. All domain controllers run Windows Server 2012 R2 and are configured as DNS servers. All DNS
zones are Active Directory-integrated. Active Directory Recycle Bin is enabled.
You need to modify the amount of time deleted objects are retained in the Active Directory Recycle Bin.
Which naming context should you use?
To answer, select the appropriate naming context in the answer area.

PrepAway - Latest Free Exam Questions & Answers

Answer:

Explanation:
Starting in Windows Server 2008 R2, Active Directory now implements a true recycle bin. No longer will
you need an authoritative restore to recover deleted users, groups, OU’s, or other objects. Instead, it is
now possible to use PowerShell commands to bring back objects with all their attributes, backlinks,
group memberships, and metadata.
The amount of time that an object can be recovered is controlled by the Deleted Object Lifetime (DOL).
This time range can be set on the msDS-deletedObjectLifetime attribute. By default, it will be the same
number of days as the Tombstone Lifetime (TSL). The TSL set for a new forest since Windows Server2003 SP1 has been 180 days*, and since by default DOL = TSL, the default number of days that an object
can be restored is therefore 180 days. If tombstoneLifetime is NOT SET or NULL, the tombstone lifetime
is that of the Windows default: 60 days. This is all configurable by the administrator.
Set-ADObject -Identity “CN=Directory Service,CN=Windows
NT,CN=Services,CN=Configuration,DC=contoso,DC=com” -Partition
“CN=Configuration,DC=contoso,DC=com” -Replace: @(“msDS-DeletedObjectLifetime” = 365)
msDS-deletedObjectLifetime
New to Windows Server 2008 R2
Is set on the “CN=Directory Service,CN=Windows NT, CN=Services, CN=Configuration,
DC=COMPANY,DC=COM” container
Describes how long a deleted object will be restorable
To modify the deleted object lifetime by using Ldp.exe
To open Ldp.exe, click Start, click Run, and then type ldp.exe.
To connect and bind to the server hosting the forest root domain of your Active Directory environment,
under Connections, click Connect, and then click Bind.
In the console tree, right-click the CN=Directory Service,CN=Windows NT,CN=Services,CN=Configuration
container, and then click Modify.
In the Modify dialog box, in Edit Entry Attribute, type msDS-DeletedObjectLifeTime.
In the Modify dialog box, in Values, type the number of days that you want to set for the tombstone
lifetime value. (The minimum is 3 days.)
In the Modify dialog box, under Operation click Replace, click Enter, and then click Run.
http: //technet. microsoft. com/en-us/library/dd392260%28v=ws. 10%29.aspx
http: //blogs. technet. com/b/askds/archive/2009/08/27/the-ad-recycle-bin-understandingimplementing-best-practices-and-troubleshooting. aspx


Leave a Reply