Your network contains an Active Directory forest named contoso.com. The forest contains a single domain. All domain controllers run Windows Server 2012. The
domain contains two domain controllers. The domain controllers are configured as shown in the following table.
You discover that a support technician accidentally removed 100 users from an Active Directory group named Group1 an hour ago. You need to restore the
membership of Group1. What should you do?
A.
Apply a virtual machine snapshot to VM1.
B.
Perform an authoritative restore.
C.
Perform a non-authoritative restore.
D.
Perform tombstone reanimation.
Correct answer is
B. Perform an authoritative restore.
https://technet.microsoft.com/en-us/library/cc816878.aspx
1
0
An authoritative restore process returns a designated, deleted Active Directory object or container of objects to its predeletion state at the time when it was backed up
Non Authoritative Restore: This method reinstates the Active Directory data to the state before the backup, and then updates the data through the normal replication process. Perform a normal restore for a single domain controller to a previously known good state.
You want to target specific members, not the whole AD. Authoritatie Restore.
1
0
Answer is B.
After looking at several test review sites, this one is my favorite because of the User Comments capability.
A couple other sites I was looking at incorrectly identify tombstone re-animation as the correct answer, when in fact authoritative restore is the correct answer.
The following technet article points out that tombstones will not include group memberships: https://technet.microsoft.com/en-us/library/2007.09.tombstones.aspx
0
0
authoritative restore will update existing DCs with the restored data.
Non-authoritative restore will replicate the existing data from another DC.
0
0