Your network contains an Active Directory domain named contoso.com.
All domain controllers run Windows Server 2012 R2. The domain contains two domain controllers.
The domain controllers are configured as shown in the following table.
The Branch site contains a perimeter network.
For security reasons, client computers in the perimeter network can communicate with client
computers in the Branch site only.
You plan to deploy a new RODC to the perimeter network in the Branch site.
You need to ensure that the new RODC will be able to replicate from DC10.
What should you do first on DC10?
A.
Run dcpromo and specify the /createdcaccount parameter.
B.
Run the Active Directory Domain Services Configuration Wizard.
C.
Run the Add-ADDSReadOnlyDomainControllerAccount cmdlet.
D.
Enable the Bridge all site links setting.
Explanation:
Creates a read-only domain controller (RODC) account that can be used to install an RODC in Active
Directory.
Note:
* Notes
Once you have added the RODC account, you can add an RODC to a server computer by using the
Install-ADDSDomainController cmdlet with the -ReadOnlyReplica switch parameter.
* Example
Adds a new read-only domain controller (RODC) account to the corp.contoso.com domain using the
North America site as the source site for the replication source domain controller.
C:\PS>Add-ADDSReadOnlyDomainControllerAccount -DomainControllerAccountName RODC1 –
DomainName corp.contoso.com -SiteName NorthAmerica Add-ADDSReadOnlyDomainControllerAccount
the correct answer is D
Enable the Bridge All Site Links setting
Reasons:
-An RODC cannot be a source domain controller for any other domain controller because it cannot perform outbound replication.
-The RODC can replicate other partitions, including application directory partitions and global catalog partitions, from any writable domain controller that runs either Windows Server 2003 or Windows Server 2008
https://technet.microsoft.com/en-us/library/cc732632(v=ws.10).aspx#
0
3
Why would D be correct? The new RODC will need to replicate from DC10, which is a RODC itself. As per your comment, RODC can only replicate from any “writable domain controller”. You would have to demote DC10 and re-add it back in as a writable domain controller first.
Correct answer is B.
There’s also another question with exactly the same scenario, but different answer choices. One of the choice is “Run the Uninstall-ADDSDomainController cmdlet”, which makes sense as we want to demote RODC as per above. Both answers support my opinion.
2
0
This is a same question as 374 with modified options where the answer is ‘Create an Active Directory site link bridge’. Since this option is not available here answer B is the closest bet.
http://www.aiotestking.com/microsoft/you-need-to-ensure-that-the-new-rodc-will-be-able-to-replicate-from-dc10-4/
0
0
Nope, there the answer is again to make the RODC writable…. Please don’t propagate wrong information…
0
0
Hippo is correct. The question states that we must replicate from DC10. DC10 is currently an RODC and it is impossible to replicate from an RODC. We must make the RODC writable by using the Active Directory Domain Services Configuration wizard to demote the DC and then promote it to a writable domain controller.
0
0
correct answer B
1
0
Answer: B
RODC can not be used as a replication source.
1
0