PrepAway - Latest Free Exam Questions & Answers

You need to restore the deleted user account

Your network contains an Active Directory domain. The domain contains two Active Directory sites namedSite1
and Site2. Site1 contains two domain controllers named DC1 and DC2. Site2 contains two domain controller
named DC3 and DC4. The functional level of the domain is Windows Server 2008 R2. The functional level of
the forest is Windows Server 2003. Active Directoryreplication between Site1 and Site2 occurs from 20:00 to
01:00 every day.
At 07:00, an administrator deletes a user account while he is logged on to DC1.
You need to restore the deleted user account. You want to achieve this goal by using the minimum amount of
administrative effort.
What should you do?

PrepAway - Latest Free Exam Questions & Answers

A.
On DC1, run the Restore-ADObject cmdlet.

B.
On DC3, run the Restore-ADObject cmdlet.

C.
On DC1, stop Active Directory Domain Services, restore the System State, and then start Active Directory
Domain Services.

D.
On DC3, stop Active Directory Domain Services, perform an authoritative restore, and then start Active
Directory Domain Services.

Explanation:
Practically the same question as J/Q2 and K/Q28.
We cannot use Restore-ADObject, because Restore-ADObject is a part of the RecycleBin feature, and you
can only use Recycle Bin when the forest functionallevel is set to Windows Server 2008 R2. In the question
text it says “The functional level of the forest isWindows Server 2003.”
See http://technet.microsoft.com/nl-nl/library/dd379481.aspx
Performing an authoritative restore on DC3 updates the Update Sequence Number (USN) on that DC, which
causes it to replicate the restored user account toother DC’s.
Reference 1:
MS Press – Self-Paced Training Kit (Exam 70-640) (2nd Edition, July 2012)
page 692
An authoritative restore restores data that was lost and updates the Update Sequence Number (USN) for the
data to make it authoritative and ensure that it isreplicated to all other servers.
Reference 2:
http://technet.microsoft.com/en-us/library/cc755296.aspx
Authoritative restore of AD DS has the following requirements:
(…)
You must stop the Active Directory Domain Services servicebefore you run the ntdsutil authoritative restore
commandand restart the service after the command is complete.


Leave a Reply