Perform a policy trace for the specific user and review the output to isolate the problem.
Review the Events log.
Review the Admin Access log to verify that the user has the correct permissions to access the SVVJDEV resource.
Review the User Access log to verify that the user is getting mapped to both the Domain User role and the SW_DEV role.
第1题:
Your network consists of a single Active Directory domain. User accounts for engineering department are located in an OU named Engineering. You need to create a password policy for the engineering department that is different from your domain password policy. What should you do()
第2题:
You are the network administrator for TestKing.com. The network consists of a single Active Directory domain named testking.com. The functional level of the domain is Windows 2000 native. A global group named Travelling contains 7,000 users. All of these users are assigned portable computers, which they will use to run new POSIX-compliant application. You create a global group named POSIX. For all 7,000 users in Travelling, you change the primary group to POSIX. Members of Travelling now report that they cannot access necessary domain resources. How should you solve this problem?()
第3题:
Your network contains an Active Directory domain. The domain contains a member server that runs Windows Server 2008 R2.You have a folder named Data that is located on the C drive. The folder has the default NTFS permissions configured.A support technician shares C:\Data by using the File Sharing Wizard and specifies the default settings.Users report that they cannot access the shared folder.You need to ensure that all domain users can access the share.What should you do?()
A. Enable access-based enumeration (ABE) on the share.
B. Assign the Read NTFS permission to the Domain Users group.
C. From the Network and Sharing Center, enable public folder sharing.
D. From the File Sharing Wizard, configure the Read permission level for the Domain Users group.
第4题:
Your network consists of Windows XP computers. All computers are joined to a single Active Directory directory service domain and located in a single Active Directory site. You create a new Group Policy object (GPO) and link it to the site. The policy configures default screensaver settings. User accounts of users in the research department are located in an organizational unit (OU) named Research. You need to allow users in the research department to configure a different screensaver setting on their computers. What should you do?()
第5题:
A new software engineer has been hired. As part of the normal hiring process, the user was added to the Active Directory and placed into the Domain Users group and the SW_DEV group. The Domain Users group has access to the company's intranet website and time card system. The SW_DEV group has access to the source code library server. You have created roles that correspond to each Active Directory group. The user calls the help desk stating that they cannot access the source code library server. Which two troubleshooting tools would you use on the Junos Pulse Access Control Service to resolve the issue?()
第6题:
You are the network administrator for your company. The network consists of a single Active Directory domain. All servers run Windows Server 2003. All company data is stored in shared folders on network file servers. The data for each department is stored in a departmental shared folder. Users in each department are members of the departmental global group. Each departmental global group is assigned the Allow - Full Control permission for the corresponding departmental shared folder. Company requirements state that all access to shared folders must be configured by using global groups. A user named Richard works in the sales department. Richard needs to be able to modify files in the Marketing shared folder. You need to ensure that Richard has the minimum permissions for the Marketing shared folder that he needs to do his job. You need to achieve this goal while meeting company requirements and without granting unnecessary permissions. What should you do? ()
第7题:
Contoso, Ltd. has an Active Directory domain named ad.contoso.com. Fabrikam, Inc. has an Active Directory domain named intranet.fabrikam.com. Fabrikam’s security policy prohibits the transfer of internal DNS zone data outside the Fabrikam network. You need to ensure that the Contoso users are able to resolve names from the intranet.fabrikam.com domain. What should you do()
第8题:
Your company has a single-domain Active Directory forest. The functional level of the domain is Windows Server 2008. You perform the following activities. Create a global distribution group. Add users to the global distribution group. Create a shared folder on a Windows Server 2008 member server. Place the global distribution group in a domain local group that has access to the shared folder. You need to ensure that the users have access to the shared folder. What should you do()
第9题:
You are the network administrator for TestKing. The network consists of a single Active Directory domain named testking.com. All domain controllers run Windows Server 2003. The sales department recently hired 10 new employees. User accounts for these employees were created in Active Directory. The manager of the sales department sent you a list of a new users and asked you to add the user accounts to an existing global group named SalesDept. You need to add the users to the SalesDept global group. What are two possible ways to achieve this goal? Each correct answer presents a complete solution. Choose two.()
第10题:
You are a help desk technician for your company. Your company’s network includes an Active Directory domain and Windows XP Professional computers that are configured as members of the domain. Company policy prohibits users from accessing their computers unless they are authenticated by a domain controller. However, users report that they can log on to their computers, even though a network administrator has told them that a domain controller is not available. As a test, you log off of your computer and disconnect it from the network. You discover that you can log on by using your domain user account. You need to ensure that users cannot access their computers unless they are authenticated by a domain controller. How should you configure the local computer policy on these computers? ()