Free Practice Questions for Microsoft AZ-800 Exam

To map \\dd.contoso.com\instal1 as drive H for all users using Group Policy Preferences and ensure that the new drive mapping takes precedence over any existing mappings, follow these steps:

Step 1: Open Group Policy Management Console Open the Group Policy Management Console (GPMC) on a machine that has administrative privileges over the domain.

Step 2: Create or Edit a GPO Create a new Group Policy Object (GPO) or edit an existing one that applies to the users who need the drive mapping.

Step 3: Navigate to Drive Mappings In the GPO Editor, navigate to:

User Configuration -> Preferences -> Windows Settings -> Drive Maps

Step 4: New Drive Mapping Right-click on Drive Maps and select New -> Mapped Drive.

Step 5: Configure Drive Mapping In the New Drive Properties window, configure the following settings:

Action: Select Replace. This action will overwrite any existing mappings with the same drive letter.

Location: Enter the UNC path \\dd.contoso.com\instal1.

Drive Letter: Choose H: from the drop-down menu.

Reconnect: Check this option if you want the drive mapping to persist across logon sessions.

Label As: Optionally, provide a label for the drive mapping.

Hide/Show this drive: Set according to your preference.

Hide/Show all drives: Set according to your preference.

Step 6: Common Tab Go to the Common tab and configure the following:

Run in logged-on user’s security context (user policy option): Check this option.

Item-level targeting: Click on Targeting and set up any specific criteria if needed.

Step 7: Apply the GPO Click Apply and then OK to save the drive mapping configuration.

Step 8: Link the GPO Link the GPO to an Organizational Unit (OU) or domain that contains the users who should receive the drive mapping.

Step 9: Update Group Policy Instruct users to log off and log back on, or use the gpupdate /force command to refresh Group Policy on their computers.

To configure the domain to support the creation of gMSAs, you need to perform the following steps:

On a domain controller or a computer that has the Remote Server Administration Tools (RSAT) installed, open PowerShell as an administrator and run the following command to install the Active Directory module:

Install-WindowsFeature -Name RSAT-AD-PowerShell

Run the following command to create a Key Distribution Service (KDS) root key, which is required for generating passwords for gMSAs. You only need to do this once per domain:

Add-KdsRootKey -EffectiveImmediately

Wait for at least 10 hours for the KDS root key to replicate to all domain controllers in the domain. Alternatively, you can use the -EffectiveTime parameter to specify a past date and time for the KDS root key, but this is not recommended for security reasons. For more information, see Add-KdsRootKey.

After the KDS root key is replicated, you can create and configure gMSAs using the New-ADServiceAccount and Set-ADServiceAccount cmdlets. For more information, see Create a gMSA and Configure a gMSA.

One possible solution to ensure that a DHCP scope named scope1 on SRV1 can service client requests is to activate the scope on the DHCP server. A scope must be activated before it can assign IP addresses to DHCP clients. To activate a DHCP scope on SRV1, perform the following steps:

On SRV1, open DNS Manager from the Administrative Tools menu or by typing dnsmgmt.msc in the Run box.

In the left pane, expand your DHCP server and click on IPv4.

In the right pane, right-click on the scope that you want to activate, such as scope1, and select Activate.

Wait for the scope to be activated. You can verify the activation status by checking the icon next to the scope name. A green arrow indicates that the scope is active, while a red arrow indicates that the scope is inactive.

Now, the DHCP scope named scope1 on SRV1 can service client requests and lease IP addresses to DHCP clients. You can test the DHCP service by using the ipconfig /renew command on a DHCP client computer that is connected to the same subnet as the scope.

One possible solution to register SRV1 to sync Azure file shares using the 34646045 Storage Sync Service is to use the Register-AzStorageSyncServer cmdlet from the Az.StorageSync module. This cmdlet establishes a trust relationship between the server and the Storage Sync Service, which is required for creating server endpoints and syncing files. Here are the steps to register SRV1 using the cmdlet:

On SRV1, open PowerShell as an administrator and run the following command to install the Az.StorageSync module if it is not already installed:

Install-Module -Name Az.StorageSync

Run the following command to import the Az.StorageSync module:

Import-Module -Name Az.StorageSync

Run the following command to sign in to your Azure account and select the subscription that contains the 34646045 Storage Sync Service:

Connect-AzAccount

Select-AzSubscription -SubscriptionId

Run the following command to register SRV1 with the 34646045 Storage Sync Service. You need to specify the resource group name and the Storage Sync Service name as parameters:

Register-AzStorageSyncServer -ResourceGroupName -StorageSyncServiceName 34646045

Wait for the registration to complete. You can verify the registration status by checking the Registered servers tab on the Azure portal or by running the following command:

Get-AzStorageSyncServer -ResourceGroupName -StorageSyncServiceName 34646045

Now, SRV1 is registered with the 34646045 Storage Sync Service and ready to sync Azure file shares. You can create server endpoints on SRV1 and cloud endpoints on the Azure file shares to define the sync topology.