PrepAway - Latest Free Exam Questions & Answers

You need to restore the deleted user account

Your network contains an Active Directory domain. The domain contains two Active
Directory sites named Site1 and Site2. Site1 contains two domain controllers named DC1
and DC2. Site2 contains two domain controller named DC3 and DC4. The functional level of
the domain is Windows Server 2008 R2. The functional level of the forest is Windows Server
2003. Active Directory replication between Site1 and Site2 occurs from 20:00 to 01:00 every
day.
At 07:00, an administrator deletes a user account while he is logged on to DC1.
You need to restore the deleted user account. You want to achieve this goal by using the
minimum amount of administrative effort.
What should you do?

PrepAway - Latest Free Exam Questions & Answers

A.
On DC1, run the Restore-ADObject cmdlet.

B.
On DC3, run the Restore-ADObject cmdlet.

C.
On DC1, stop Active Directory Domain Services, restore the System State, and then start
Active Directory Domain Services.

D.
On DC3, stop Active Directory Domain Services, perform an authoritative restore, and
then start Active Directory Domain Services.

Explanation:
We cannot use Restore-ADObject, because Restore-ADObject is a part of the Recycle Bin
feature, and you can only use Recycle Bin when the forest functional level is set to Windows
Server 2008 R2. In the question text it says “The functional level of the forest is Windows
Server 2003.”
See http://technet.microsoft.com/nl-nl/library/dd379481.aspx
Performing an authoritative restore on DC3 updates the Update Sequence Number (USN)
on that DC, which causes it to replicate the restored user account to other DC’s.
Reference 1)
MS Press – Self-Paced Training Kit (Exam 70-640) (2nd Edition, July 2012) page 692
An authoritative restore restores data that was lost and updates the Update Sequence
Number (USN) for the data to make it authoritative and ensure that it is replicated to all other
servers.
Reference 2)
http://technet.microsoft.com/en-us/library/cc755296.aspx
Authoritative restore of AD DS has the following requirements:
You must stop the Active Directory Domain Services service before you run the ntdsutil
authoritative restore command and restart the service after the command is complete.


Leave a Reply