Prev Question
Next Question

Your network contains two Active Directory forests named contoso.com and adatum.com. Each forest contains one domain. Contoso.com has a two-way forest
trust to adatum.com. Selective authentication is enabled on the forest trust.
Contoso contains 10 servers that have the File Server role service installed. Users successfully access shared folders on the file servers by using permissions
granted to the Authenticated Users group.
You migrate the file servers to adatum.com.
Contoso users report that after the migration, they are unable to access shared folders on the file servers.
You need to ensure that the Contoso users can access the shared folders on the file servers.
What should you do?

A. Disable selective authentication on the existing forest trust.

B. Disable SID filtering on the existing forest trust.

C. Run netdom and specify the /quarantine attribute.

D. Replace the existing forest trust with an external trust.

Explanation:
Although it is not recommended, you can use this procedure to disable security identifier (SID) filter quarantining for an external trust with the Netdom.exe tool. You
should consider disabling SID filter quarantining only in the following situations:
* Users have been migrated to the trusted domain with their SID histories preserved, and you want to grant those users access to resources in the trusting domain
(the former domain of the migrated users) based on the sIDHistory attribute.
Etc.
Reference: Disabling SID filter quarantining
http://technet.microsoft.com/en-us/library/cc794713(v=ws.10).aspx

Prev Question
Next Question

Leave a Reply

Your email address will not be published. Required fields are marked *