###BeginCaseStudy###
Case Study: 4
A Datum Corporation Overview
A Datum Corporation is an airline catering company that has 8,000 users. A. Datum has
three main offices. The offices are located in Detroit, Chicago, and New York.
Existing Environment
Active Directory Environment
The network contains an Active Directory forest named adatum.com. The forest contains a
single domain. All domain controllers run Windows Server 2012.
Each main office contains two domain controllers. Each office is configured as an Active
Directory site.
The functional level of the forest is Windows Server 2012.
Network Infrastructure
The offices connect to each other by using a dedicated WAN link. Only the office in New
York and the office in Detroit connect directly to the Internet. Each office has a firewall.
The public DNS records for A. Datum are configured as shown in the following table.
The external interface for the firewall in the New York office is configured to use an IP
address of 131.107.1.200 and to pass inbound traffic on port 25 and port 443 to EX2.
The external interface for the firewall in the Detroit office is configured to use an IP address
of 131.107.2.200 and to pass inbound traffic on port 443 to EX4.
The Active Directory site is configured as shown in the Sites exhibit.
Exchange Server Organization
A Datum has an Exchange Server 2013 organization that contains two servers. The servers
are configured as shown in the following table.
Each server contains 15 mailbox databases.
Users use the name mail.adatum.com to connect to their mailbox from the Internet. The
users use the FQDN of the servers to connect from the internal network.
All of the users in the Detroit office have a mailbox hosted on EX2.
The default email address policy contains a single email address format of @adatum.com.
A separate Send connector exists for the Chicago office and the New York office. The local
servers in each office are the only source servers in each Send connector.
The New York office is configured as a hub site. Antimalware filtering is disabled on EX1 and
EX2.
Problem Statements
A Datum identifies the following issues:
• Users in the Detroit office report that sometimes, Microsoft Outlook takes a long
time to open.
• During a recent storage failure, administrators failed to restore the latest backup and
lost all of the email messages from the previous 48 hours.
• Users report that the email messages sent to some Internet domains are not
received. Users in the Chicago office report that some of their email messages generate a
non-delivery report (NDR).
• The help desk in the New York office reports that its most common Exchange-related
task is to restore email messages that were deleted by users more than 14 days ago. The
task requires time-consuming restore operations by the help desk.
Requirements
Business Requirements
A Datum wants to provide users with the ability to access their email from Internet Explorer
10, even when the users are disconnected from the network. This ability must only be
available if the users log on to Outlook Web Access by using the Private option.
Planned Changes
You plan to deploy three additional Exchange Server 2013 servers. The servers will be
configured as shown in the following table.
After the planned deployment, all of the mailboxes of the Detroit office users will be moved
to EX3. All of the Detroit office users will use the name detroitmail.adatum.com when they
connect from the Internet and the name ex4.adatum.com when they connect from the
internal network.
Technical Requirements
A Datum identifies the following technical requirements:
• All existing and future mailboxes must be limited to 5 GB of storage.
• Antimalware and anti-spam filtering must be enabled for the entire Exchange Server
organization.
• If storage for the mailbox database fails, administrators must be able to recover
email messages handled by transport services for the last five days.
• Only the members of a group named Executives must be able to schedule meetings
in a room mailbox named Boardroom. Meeting requests must not be moderated.
• All of the servers in the New York office that have the Client Access server role
installed must be accessed by using a load balancing solution that can mark a server as
down if a specific URL on the server is unavailable.
Mailbox Creation Requirements
A Datum identifies the following requirements for creating new mailboxes:
• All mailboxes must automatically have single item recovery enabled.
• All mailboxes must automatically have the Exchange ActiveSync feature disabled.
###EndCaseStudy###
You need to recommend a solution to resolve the issue of email messages not being received on the
Internet. What should you include in the solution?
A. Modify the CNAME record.
B. Add an MX record.
C. Modify the TXT record.
D. Add a pointer (PTR) record.
Correct answer is D. Add a pointer (PTR) record.
PTR Record
A DNS PTR record, for those of you who are wondering, is a special entry in the Domain
Name System (DNS) that basically maps an IP address (like 65.55.12.249) to a domain name
(like wwwco2vip.microsoft.com). Having a DNS PTR record for your IP address is (somewhat) a
sign of reliability on the Internet, since only the owner of a specific network zone has the
ability to create and edit these DNS records.
Today, most mail exchangers will check this record for each incoming connection and may
abort the communication if they find your IP address does not have an associated DNS
PTR entry. For this reason, we always suggest making sure your public servers' IP
addresses have DNS PTR records configured properly. While EmailVerify.NET can
validate email addresses even without a DNS PTR entry configured, the quality of the
validation results in this event may be suboptimal.
Detroit and New York users have a direct connection to the Internet, but Chicago users do not.
It appears that Chicago email is sent to the New York mail server via a Send connector.
Given this, the SPF TXT record listing the New York mail server (131.107.1.200) is correct,
and there should not be any issues with the Chicago email.
Once the planned changes have been implemented, the DNS TXT record would have to
accommodate the Detroit mail server (EX4) (131.107.2.200) in order for the email to
function correctly for Detroit users.
However, the question relates to Chicago users, not Detroit users, because the issue is with sending mail, not with OWA over port 443 on EX4.
TXT Record
A TXT record is an entry within the Domain Name System (DNS) that provides
supplemental information about your domain.
A TXT (text) record is used to hold some text information. You can put virtually any free text
you want within a TXT record.
A TXT record has a hostname so that you can assign the free text to a particular
hostname/zone.
The most common use for TXT records is to store SPF (sender policy framework) records
and to prevent emails being faked to appear to have been sent from you.
The name field of the SPF record should be left blank unless mail is sent from a subdomain,
for example from addresses under a "mail" subdomain of the domain. If this was the case,
"mail" would be entered in the name field of the record.
Alternatively, if email is sent from addresses directly under the domain, the name field is left blank.
The data field of the record is populated with the list of hosts that are permitted to send
email for the domain in SPF record format.
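The two receiver-side checks described above (PTR lookup with forward confirmation, and SPF ip4 matching), as an added Python example that is not part of the original page. The lookup table is constructed for illustration: the hostname-to-address mapping and the SPF string are assumptions, and only the two IP addresses come from the case study.

```python
import ipaddress

# Constructed DNS data (assumption): the page's DNS table is not shown.
# The IP addresses are the New York and Detroit firewall addresses from the case study.
ZONE = {
    ("TXT", "adatum.com"): ["v=spf1 ip4:131.107.1.200 -all"],
    ("A", "mail.adatum.com"): ["131.107.1.200"],
    # Deliberately no PTR entry for 200.1.107.131.in-addr.arpa
}

def lookup(rtype, name, zone):
    """Return the record values for (type, name) from the in-memory zone."""
    return zone.get((rtype, name.rstrip(".").lower()), [])

def fcrdns(ip, zone):
    """Forward-confirmed reverse DNS: a PTR must exist and its host must resolve back to ip."""
    ptr_name = ipaddress.ip_address(ip).reverse_pointer  # e.g. 200.1.107.131.in-addr.arpa
    for host in lookup("PTR", ptr_name, zone):
        if ip in lookup("A", host, zone):
            return host
    return None

def spf_ip4(ip, domain, zone):
    """Evaluate only the ip4 mechanisms and the 'all' term of the domain's SPF record."""
    addr = ipaddress.ip_address(ip)
    for txt in lookup("TXT", domain, zone):
        terms = txt.split()
        if not terms or terms[0] != "v=spf1":
            continue  # a TXT record that is not an SPF policy
        for term in terms[1:]:
            if term.startswith("ip4:") and addr in ipaddress.ip_network(term[4:], strict=False):
                return "pass"
            if term.lstrip("+-~?") == "all":
                return {"-": "fail", "~": "softfail", "?": "neutral"}.get(term[0], "pass")
        return "neutral"
    return "none"

def receiver_view(ip, domain, zone):
    """What a receiving mail server would conclude about a connection from ip."""
    return {"ptr": fcrdns(ip, zone), "spf": spf_ip4(ip, domain, zone)}

if __name__ == "__main__":
    print(receiver_view("131.107.1.200", "adatum.com", ZONE))
    print(receiver_view("131.107.2.200", "adatum.com", ZONE))
```

With this constructed data the New York address passes SPF but has no PTR, and the Detroit address fails SPF until it is added to the TXT record.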
I’m struggling with this one. It seems as if the lack of either the TXT/SPF or PTR records could cause the stated issues. We’re not told that the organization has undergone any recent migrations or movement of the send connectors. Due to this, I’m leaning toward the lack of a PTR as being the culprit.