What should you do?
Your company has an Active Directory forest. The company has three locations. Each location has an organizational unit and a child organizational unit named Sales. The Sales organizational unit contains all users and computers of the sales department. The company plans to deploy a Microsoft Office 2007 application on all computers within the three Sales organizational units.
You need to ensure that the Office 2007 application is installed only on the computers in the Sales organizational units.
What should you do?
What should you do?
Your company’s security policy requires complex passwords. You have a comma delimited file named import.csv that contains user account information.
You need to create user accounts in the domain by using the import.csv file.
You also need to ensure that the new user accounts are set to use default passwords and are disabled.
What should you do?
What should you do?
Your network contains two servers named Server1 and Server2 that run Windows Server 2008 R2. Server1 has Active Directory Federation Services (AD FS) 2.0 installed. Server1 is a member of an AD FS farm. The AD FS farm is configured to use a configuration database that is stored on a separate Microsoft SQL Server. You install AD FS 2.0 on Server2.
You need to add Server2 to the existing AD FS farm.
What should you do?
Which format should you use to export the certificate?
Your network contains two servers named Server1 and Server2 that run Windows Server 2008 R2. Server1 has the Active Directory Federation Services (AD FS) Federation Service role service installed. You plan to deploy AD FS 2.0 on Server2.
You need to export the token-signing certificate from Server1, and then import the certificate to Server2.
Which format should you use to export the certificate?
What should you create on Server1?
Your network contains an Active Directory domain named contoso.com. The domain contains a server named Server1. The Active Directory Federation Services (AD FS) role is installed on Server1. Contoso.com is defined as an account store. A partner company has a Web-based application that uses AD FS authentication. The partner company plans to provide users from contoso.com access to the Web application.
You need to configure AD FS on contoso.com to allow contoso.com users to be authenticated by the partner company.
What should you create on Server1?
What should you do on Server2?
Your network contains an Active Directory domain named contoso.com. The domain contains a server named Server1. Server1 has the Active Directory Federation Services (AD FS) role installed. You have an application named App1 that is configured to use Server1 for AD FS authentication. You deploy a new server named Server2. Server2 is configured as an AD FS 2.0 server.
You need to ensure that App1 can use Server2 for authentication.
What should you do on Server2?
which certificate store should you import the certificates?
You deploy a new Active Directory Federation Services (AD FS) federation server. You request new certificates for the AD FS federation server.
You need to ensure that the AD FS federation server can use the new certificates.
To which certificate store should you import the certificates?
Which inbound TCP port should you allow on Server1?
You deploy an Active Directory Federation Services (AD FS) Federation Service Proxy on a server named Server1.
You need to configure the Windows Firewall on Server1 to allow external users to authenticate by using AD FS.
Which inbound TCP port should you allow on Server1?
Which two actions should you perform?
Your network contains a single Active Directory domain. The domain contains five read-only domain controllers (RODCs) and five writable domain controllers. All servers run Windows Server 2008. You plan to install a new RODC that runs Windows Server 2008 R2.
You need to ensure that you can add the new RODC to the domain. You want to achieve this goal by using the minimum amount of administrative effort.
Which two actions should you perform? (Each correct answer presents part of the solution. Choose two.)
What should you do?
Your company has a main office and a branch office. The branch office has an Active Directory site that contains a read-only domain controller (RODC). A user from the branch office reports that his account is locked out. From a writable domain controller in the main office, you discover that the user’s account is not locked out.
You need to ensure that the user can log on to the domain.
What should you do?