###BeginCaseStudy###
Case Study: 1
Contoso Ltd
Overview
Contoso, Ltd., is a healthcare company in Europe that has 2,000 users. The company is
migrating to Windows Server 2012.
The company has two main offices and two branch offices. The main offices are located in
Paris and Amsterdam. One of the branch offices is a sales office located in Berlin. The other
branch office is a research office located in Brussels.
The offices connect to each other by using a WAN link.
Current Environment
Active Directory
The network contains an Active Directory forest named contoso.com. An Active Directory
site exists for each office.
The forest contains a child domain named research.contoso.com.
The functional level of both the domains is Windows Server 2008.
In each site, there are two domain controllers for the contoso.com domain and two domain
controllers for the research.contoso.com domain. The domain controllers run Windows
Server 2008 R2.
All of the domain controllers are global catalog servers.
The FSMO roles were not moved since the domains were deployed.
Network Infrastructure
All servers run Windows Server 2008 R2.
Each user has a laptop computer that runs Windows 7.
The company has 10 print servers. Each print server contains several shared printers.
The company has 10 file servers that have the following disk configurations:
• A simple volume named C that is the System and Boot volume and is formatted
NTFS
• A mounted virtual hard disk (VHD) named DATA that is formatted NTFS
• A simple volume named D that is formatted FAT32
• A simple volume named E that is formatted NTFS
• A Clustered Shared Volume (CSV)
The Paris office contains a server named PA1. The Amsterdam office contains a server
named AM1. Both servers have the following server roles installed:
• DNS Server
• DHCP Server
• Remote Access
The DNS servers are configured to use the DNS servers of the company’s Internet Service
Provider (ISP) as forwarders.
Users often work remotely. The users access the internal network by using an SSTP-based
VPN connection.
Requirements
Planned Changes
The company plans to implement the following changes:
• Create a child domain named sales.contoso.com. Only the domain controllers in
sales.contoso.com will host a zone for the sales.contoso.com domain. The domain controllers
in sales.contoso.com will run Windows Server 2012. The client computers in
sales.contoso.com will use the sales.contoso.com domain controllers as their DNS servers.
• Implement two servers in the Amsterdam office and two servers in the Paris office to
replace PA1 and AMI. These new servers will run Windows Server 2012 and will not have
shared storage.
• Decommission the research.contoso.com domain. All of the users and the Group
Policy objects (GPOs) in research.contoso.com will be migrated to contoso.com.
• Migrate the existing print queues to virtualized instances of Windows Server 2012.
• Migrate the file servers to new servers that run Windows Server 2012.
• Implement RADIUS authentication for VPN connections.
• Deploy Windows Server 2012 to all new servers.
Technical Requirements
The company identifies following technical requirements:
• All changes to Group Policies must be logged.
• Network Access Protection (NAP) policies must be managed centrally.
• Core networking services in each office must be redundant if a server fails.
• The possibility of IP address conflicts during the DHCP migration must be
minimized.
• A central log of the IP address leases and the users associated to those leases must be
created.
• All of the client computers must be able to resolve internal names and internet names.
• Administrators in the Paris office need to deploy a series of desktop restrictions to the
entire company by using Group Policy.
• The new sales.contoso.com domain will contain a web application that will access
data from a Microsoft SQL Server located in the contoso.com domain. The web application
must use integrated Windows authentication. Users’ credentials must be passed from the web
applications to the SQL Server.
###EndCaseStudy###
You need to recommend a solution for DHCP logging. The solution must meet the technical requirement.
What should you include in the recommendation?
A.
Event subscriptions
B.
IP Address Management (IPAM)
C.
DHCP audit logging
D.
DHCP filtering
Explanation:
Feature description
IPAM in Windows Server 2012 is a new built-in framework for discovering, monitoring,
auditing, and managing the IP address space used on a corporate network. IPAM provides
for administration and monitoring of servers running Dynamic Host Configuration Protocol
(DHCP) and Domain Name Service (DNS). IPAM includes components for:
• Automatic IP address infrastructure discover)’: IPAM discovers domain controllers, DHCP
servers, and DNS servers in the domains you choose. You can enable or disable
management of these servers by IPAM.• Custom IP address space display, reporting, and management: The display of IP
addresses is highly customizable and detailed tracking and utilization data is available. IPv4
and IPv6 address space is organized into IP address blocks, IP address ranges, and
individual IP addresses. IP addresses are assigned built-in or user-defined fields that can be
used to further organize IP address space into hierarchical, logical groups.
• Audit of server configuration changes and tracking of IP address usage: Operational events
are displayed for the IPAM server and managed DHCP servers. IPAM also enables IP
address tracking using DHCP lease events and user logon events collected from Network
Policy Server (NPS), domain controllers, and DHCP servers. Tracking is available by IP
address, client ID, host name, or user name.
• Monitoring and management of DHCP and DNS services: IPAM enables automated
service availability monitoring for Microsoft DHCP and DNS servers across the forest. DNS
zone health is displayed, and detailed DHCP server and scope management is available
using the IPAM console.
http://technet.microsoft.com/en-us/library/hh831353.aspx