ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam 70-412 All Questions

View all questions & answers for the 70-412 exam
Go to Exam

Exam 70-412 topic 2 question 50 discussion

Actual exam question from Microsoft's 70-412
Question #: 50
Topic #: 2
[All 70-412 Questions]

Your network contains an Active Directory domain named adatum.com. The domain contains two domain controllers that run Windows Server 2012 R2. The domain controllers are configured as shown in the following table.

You log on to DC1 by using a user account that is a member of the Domain Admins group, and then you create a new user account named User1.
You need to prepopulate the password for User1 on DC2.
What should you do first?

  • A. Connect to DC2 from Active Directory Users and Computers.
  • B. Add DC2 to the Allowed RODC Password Replication Policy group.
  • C. Add the User1 account to the Allowed RODC Password Replication Policy group.
  • D. Run Active Directory Users and Computers as a member of the Enterprise Admins group.
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️
To prepopulate the password cache for an RODC by using Active Directory Users and Computers (see step 1 below).
Administrative credentials: To prepopulate the password cache for an RODC, you must be a member of the Domain Admins group.
Click Start, click Administrative Tools, and then click Active Directory Users and Computers.

✑ Ensure that Active Directory Users and Computers points to the writable domain controller that is running Windows Server 2008, and then click Domain
Controllers.
✑ In the details pane, right-click the RODC computer account, and then click Properties.
✑ Click the Password Replication Policy tab.
✑ Click Advanced.
✑ Click Prepopulate Passwords.
✑ Type the name of the accounts whose passwords you want to prepopulate in the cache for the RODC, and then click OK.
✑ When you are asked if you want to send the passwords for the accounts to the RODC, click Yes.
Note: You can prepopulate the password cache for an RODC with the passwords of user and computer accounts that you plan to authenticate to it. When you prepopulate the RODC password cache, you trigger the RODC to replicate and cache the passwords for users and computers before the accounts try to log on in the branch office.
Incorrect:
Not C. You don't need to add User1 to the Allowed RODC Password Replication Policy group. As a first step you should run Active Directory Users and
Computers as a member of the Domain/Enterprise Admins group.-
Reference: Password Replication Policy Administration
http://technet.microsoft.com/en-us/library/cc753470(v=ws.10).aspx#BKMK_pre
by flowbro at Dec. 16, 2019, 5:58 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
flowbro
Highly Voted 5 years, 4 months ago
Believe this should be C. You are already a domain admin
upvoted 5 times
...
Sharma
Most Recent 4 years, 5 months ago
Answer is c confirmed please check the link below. https://www.faqforge.com/windows-server-2016/prepopulate-passwords-cache-read-domain-controller-windows-server-2016/
upvoted 3 times
...
Rezerestibeiro27
4 years, 6 months ago
C it is..
upvoted 2 times
...
wazmac
4 years, 10 months ago
I have to agree with flowbro, you are already logged in as a Domain Admin, why would you log out and log back in with Enterprise Admin to do the same thing. I have checked other sites it's such a contentious question I hope it does not appear in my exam in a few weeks time..
upvoted 2 times
...
DanStafford
4 years, 10 months ago
The reason it's D is because you don't have to add the user account to the Allowed RODC Password Replication Policy group, that gets done automatically as part of the prepopulation process. Neither A nor B are relevant' so D is the only thing left that is a possible first step that would work. That being given, the answer choice here is pretty lame, because a Domain Admin could do it also, and you're already logged in as a Domain Admin. Trickety.
upvoted 1 times
...
antonskd
5 years, 2 months ago
Dump question. we do not have to do anything with the EA account. You only need pre-populate RODC with the password. Allowed RODC Password Replication Group is Domain Local. Members in this group can have their passwords replicated to all read-only domain controllers in the domain
upvoted 1 times
...
DanStafford
5 years, 3 months ago
Is the account automatially added to the Allowed RODC Password Replication Policy group when you pre-poulated it to the RODC?
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago