Yournetwork contains an Active Directory domain named contoso.com.
The domain contains a main office and a branch office.
An Active Directory site exists for each office.
All domain controllers run Windows Server 2012 R2.
The domain contains two domain controllers.
DC1 hosts an Active Directory- integrated zone for contoso.com.
Youadd the DNS Server server role to DC2.
Youdiscover that the contoso.com DNS zone fails to replicate to DC2.
Youverify that the domain, schema, and configuration naming contexts replicate from DC1 to DC2.
Youneed to ensure that DC2 replicates the contoso.com zone by using Active Directory replication.
Which tool should you use?
A.
Dnscmd
B.
Dnslint
C.
Repadmin
D.
Ntdsutil
E.
DNS Manager
F.
Active Directory Sites and Services
G.
Active Directory Domains and Trusts
H.
Active Directory Users and Computers
Explanation:
http://technet.microsoft.com/en-us/library/cc739941(v=ws.10).aspx If you see question about AD
Replication, First preference is AD sites and services, then Repadmin and then DNSLINT.
Rather bad question.
Nothing is said about were DC1 or DC2 are located. Nothing is said about SiteLInks. And you verify domein, schema and configuration naming contexts replication…. and the conclusion of that is?
But answers A, D, G and H are not to the point.
DNSLINT (/AD) could help finding problems with records needed for replication;
REPLADMIN could help finding general AD replication problems;
DNS Manager could help checking DNS Server config
ADS&S could help check for problems regarding SiteLinks etc.
But as we have little info, I could not make a choise here.
0
0
I’ve seen this question multiple times in multiple versions. This one here is missing the exhibit, which tells you that DC2 is a RODC.
Conclusion:
– If you install DNS server after the AD DS installation, you must also enlist the RODC in the DNS application directory partitions.
keyword here “AD replication”
– with ntdsutil, you use AD replication
– with dnscmd, dnslint or dns manager, you use DNS replication
If you see ntdsutil, choose that as the first priority. If you don’t see that, choose dnscmd etc.
This answer is aggregated from the majority of the comments I’ve read across multiple versions. The above makes the most sense and is the answer voted by the majority.
1
0
According to the article, dnscmd should be your first option. ntdsutil is used if dnscmd throws an error.
https://technet.microsoft.com/en-us/library/cc742490
Complete question with exhibit 328.
0
0
I agree and have tested it in a lab. First you use DNSCMD /enlistdirectorypartition and enlist it in the AD directory partition for that zone. Then the zone will replicate to the rodc with AD replication.
0
0
Actually the real answer is B. There is nothing about an RODC in the question. This means we need to actually troubleshoot why it isn’t working. The first step would be to use DNSlint to make sure all the required records are there for replication.
0
1
Bob, what Ricky says is correct. There is supposed to be an exhibit included with the question that undoubtedly shows that DC2 is an RODC server.
You can pick Dnslint when you see this question on your certification test, but you are going to lose points because you should be selecting what the correct answer is based on how the question is supposed to appear.
Just do a search on the question text and you should be bound to find the question with the included exhibit.
0
0
I would go with the provided answer (F), specifically because of the following line in the question: You need to ensure that DC2 replicates the contoso.com zone by using Active Directory replication.
They seem to be pushing DNSLint for troubleshooting., but the wording of this question pushes the answer towards replication, which in this case would be D.
Now if F should be chosen over C, I am not sure since you can initiate replication from either tool….
0
0
Not D, that was a typo.
0
0
Actually this is all wrong.
I would go with the answer B DNSLint for troubleshooting.
The wording in the question has no bearing on this. Syncing AD with repadmin or sites and services will NOT replicate the DNS info, because the RODC (installed initially without DNS integration) is not part of the DNS replication partition (DomainDNSZones.contoso.com).
The only functional answers to correct the issue is dnscmd & NTDSUtil, but this is a single answer question.
The correct commands to resolve the issue should be:
dnscmd DC2 /EnlistDirectoryPartition DomainDNSZones.vapor.com
or
ntdsutil
partition management
connections
connect to server DC1.contoso.com
quit
add NC Replica DC=DomainDNSZones, DC=Contoso,DC=Com DC2.contoso.com
0
0
Assuming DC2 is an RODC, do you not need to make sure that the RODC has a writeable domain controller listed as name server?
“Writable Domain Controllers are always pointing the SOA to them self, because they all host writable copies of Active Directory-Integrated Zones, How ever RODCs doesn’t host writable copies of those and therefore points the SOA to an Writable Domain Controller using the following SOA selection model.
Trying to select a writable domain controller that is running Windows Server 2008 and is published as a NS for the zone…”
https://social.technet.microsoft.com/wiki/contents/articles/4031.how-read-only-domain-controllers-and-dns-works.aspx
So surely the answer would be DNS manager E. We could check to see that a writeable DC is in the list of Name servers.
I’d agree that if RODC is not mentioned then I would choose DNS Lint B
0
0
Looking at this
https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/cc742490(v=ws.10)?redirectedfrom=MSDN
I now think it’s 1st choice: dnscmd, 2nd choice ntdsutil
So answer here would be A
0
0