anthony456 - 2008-5-3 16:39:00
1. Your company has a parent domain A.com and child domain child.A.com. In your parent domain you create a domain global group, and want to add a child domain user account to this group. But you cannot do this because no user account in the child domain can be selected in UI. Why?
2. Your company has a parent domain and three child domains. How many operation masters exist?
3. You want to configure some Internet Explorer Maintenance settings for a group of user. The following steps are performed:
(1). You create a group and add all these uses to this group.
(2). Create an OU and put this group into this OU.
(3). Create a new GPO and define the IE Maintenance settings, link the GPO to the OU.
But you notice all these users don't get these settings applied? What are the possible causes?
4. You want to limit the replication traffic between two domain controllers connected by a WAN link. You also want this link to be used only for replication traffic at night. What should you do?
5. What is the difference between group and OU?
chen231133 - 2008-5-3 19:56:00
一题都不会,看来自己AD水平太烂了,我都不懂如何下手去学习了。:default10:
minglei226 - 2008-5-4 12:22:00
又是英文!!
消失的骑兵 - 2008-5-4 16:28:00
A1:Global Group 中包含的 User 和 Computer 应该来自同一个域。
A2:14个。
A3:组策略只对用户和计算机生效,组不行。
A4:不知道这两台DC是否在同一个站点中,是否在同一个域中,应该可以在站点与服务控制台里设置相关的复制时段。
A5:Group 是用户的集合,组有两种,安全组和分发组;安全组主要用来进行权限分配,也能作为信息分发;分发组则只能用于信息分发。
OU 是一种容器,是 AD 管理的层级,主要是安全策略的分配。可以为 组 赋权限,但不能对 OU 赋权限(访问资源的权限)。
一个用户只能归属到一个OU,但能关联到多个组。
PS:这个也是Q3的说明:default6:
qqevoli - 2008-5-4 17:30:00
呵呵。。。学到了!
anthony456 - 2008-5-6 16:44:00
我的答案(不知道对不对):
1. Parent domain A.com cannot find the users in domain child.A.com. Because A.com domain only have the information of global group in child.A.com,but have not the information of users in child.A.com.The GC in domain A.com only stores the global group information in the domain forest.
2.Parent domain have 5 FMSO,child domain have 3FMSO. So the answer is 5+3*3=14.
3.Because the group policy only works in objects.Objects contain users and computers.
4.There are two situations:
The first situation is two DCs in one site.You can modify the schedule of NTDS Settings in each DC.
The second situation is two DCs in two sites.You can modify the schedule of IP in inter-site transports.
5.Group have a SID,so it can access the resource of domain by authority.OU can not.
Group policy can works in objects of OU,but can not works in objects of group.
hu117 - 2008-6-3 10:26:00
基础知识
soundice - 2008-7-25 23:05:00
E文,不行看不懂,哎!!!
sunxw - 2008-7-29 14:07:00
英文版的不错
whhlf - 2008-8-2 23:52:00
谢谢楼主分享