Your company has a single Active Directory directory service domain with three domain controllers. You need to move domain-wide FSMO roles to a different domain controller. Which tool should you use?

You have a Windows Server 2003 Active Directory directory service environment that has two domain controllers, two Terminal Services servers, and two file servers. You deploy an application to the Terminal Services servers and the file servers by using a Group Policy object (GPO). The application is installed on the file servers. However, it is not installed on the Terminal Services servers. You need to install the application on the Terminal Services servers. What should you do?

You have a single Active Directory directory service forest named contoso.com. You have a domain controller named DC1 in the Domain Controllers organizational unit (OU). You change a public key Group Policy setting in the Default Domain Controllers Policy. You need to apply the public key Group Policy change to DC1 immediately. What should you do?

Your company uses a third-party application that is packaged as a Windows Installer file (MSI) and deployed through a Group Policy object (GPO). You are deploying an update to all client computers that have the application installed. You place the MSI file in a shared folder on a file server. You need to ensure that when the new version is installed, users do not lose any personal settings that they made in the existing version. What should you do?

You are the network administrator for Southridge Video. The network consists of a single Active Directory domain named southridgevideo.com. The domain contains one domain controller. All servers run Windows Server 2003. All client computers run Windows XP Professional. The company uses Group Policy objects (GPOs) to configure user and computer settings. The Active Directory database and the SYSVOL shared folder are stored on separate hard disks. The hard disk containing the SYSVOL folder fails. Some Group Policy settings are still applied, but new users do not receive the Group Policy settings. You replace the failed disk. You discover that there are no valid backups of the SYSVOL folder. You have a list of GUIDs and friendly names for each GPO. On the new disk, you create a new shared folder named SYSVOL in the same location as the previous SYSVOL folder. You need to configure the network so hat the user and computer settings will be applied to all users. Which three courses of action should you take? (Each correct answer presents part of the solution. Choose three.)

You have a single Active Directory directory service domain. All client computers run either Windows XP or Windows Vista and are in an organizational unit (OU) named Client Computers. You create a new Group Policy object (GPO) named Secure Desktop to apply security settings. You link the GPO to the Client Computers OU. You examine a users client computer and find that the security settings have not been applied. You need to ensure that the security settings in the GPO are applied immediately after linking the GPO to the OU. What should you do?

You are the network administrator for your company. The network consists of a single Active Directory domain. The following table shows the types and quantities of Windows Server 2003 Web and database servers in the domain. The computer accounts for the Web and database servers are located in the default Computers container. The domain also includes many organizational units (OU) that contain other computer accounts. Your company plans to use Group Policy objects (GPOs) to centrally apply security settings to the Web and database server computers. The settings need to be applied as follows: Some security settings need to apply to all Web and database servers. Some security settings need to apply to the nonproduction servers only. Some security settings need to apply to the production servers only and must not be overridden. Other security settings need to apply to specific server types only. You need to create an organizational unit (OU) structure to support the GPO requirements. You want to create as few GPOs and links as possible while using only the default security permissions for GPO links. You also want to limit the number of GPO links to one link per GPO. What should you do?

You have a single Active Directory directory service domain. All domain controllers run Windows Server 2003. You are configuring a software restriction policy. You need to allow users to run only a defined set of executables. What should you do?