Your network contains an Active Directory domain named contoso.com. The domain contains a file
server named Server1. The File Server Resource Manager role service is installed on Server1. All
servers run Windows Server 2012 R2.
A Group Policy object (GPO) named GPO1 is linked to the organizational unit (OU) that contains
Server1. The following graphic shows the configured settings in GPO1.
Server1 contains a folder named Folder1. Folder1 is shared as Share1.
You attempt to configure access-denied assistance on Server1, but the Enable access-denied
assistance option cannot be selected from File Server Resource Manager.
You need to ensure that you can configure access-denied assistance on Server1 manually by using
File Server Resource Manager.
What should you do?
A.
Set the Customize message for Access Denied errors policy setting to Enabled for GPO1.
B.
Set the Enable access-denied assistance on client for all file types policy setting to Disabled for
GPO1.
C.
Set the Enable access-denied assistance on client for all file types policy setting to Enabled for
GPO1.
D.
Set the Customize message for Access Denied errors policy setting to Not Configured for GPO1.
Explanation:
Ensure that you can configure access-denied assistance
http://technet.microsoft.com/en-us/library/hh831402.aspx#BKMK_1
Should be A, no reason for setting to not configured.
To configure access-denied assistance by using Group Policy
Open Group Policy Management. In Server Manager, click Tools, and then click Group Policy Management.
Right-click the appropriate Group Policy, and then click Edit.
Click Computer Configuration, click Policies, click Administrative Templates, click System, and then click Access-Denied Assistance.
Right-click Customize message for Access Denied errors, and then click Edit.
Select the Enabled option.
0
0
D, reason is possibility to configure manualy by FSRM
0
0
Answer is correct. To configure with FSRM, need GPO not configured.
0
0
If GPO was set to “Disable” and then set to “Not Configured” the setting remains “disabled” on every computer where the GPO was last applied. This is called “tattooing”. The only way to effectively reverse that is to configure as “Enabled”. Correct answer is A.
0
0
Actually, step 5 in the URL referenced clearly states “select the Enabled option” for the GPO setting. https://technet.microsoft.com/en-us/library/hh831402.aspx#BKMK_1
0
0
I agree – answer should be A.
0
0
D is correct answer.
If it is disabled, users see standard Access Denied Message that doesnt provide any functionality controlled by this policy settings. And you can not
configure it manually on File server, it will be not possible.
If it is not configured, users see a standard access denied message unless the file server is configured to display the customized
Access Denied Message. You can configure it manually on File server.
0
0
Correct answer is D, checking in my lab both policies are set as no configure and I’m able to configure manually access denied assistance.
0
0
Correct answer is D, as when Customize message for Access Denied errors policy entry configuared by GPO ether enable or disable , you cannĀ“t controll it from File Server Receource Manager
0
0