What should you include in the recommendation?

###BeginCaseStudy###
Case Study: 4
Northwind Traders
Overview
Northwind Traders is a retail company.
The company has offices in Montreal and San Diego. The office in Montreal has 1,000 client
computers. The office in San Diego has 100 computers. The computers in the San Diego
office are often replaced. The offices connect to each other by using a slow WAN link. Each
office connects directly to the Internet.
Existing Environment
Active Directory Environment

The network contains an Active Directory forest named northwindtraders.com. The forest
contains two domains named northwindtraders.com and west.northwindtraders.com. All
servers run Windows Server 2012 R2.
All client computers run Windows 7.
Each office is configured as an Active Directory site. The site in the Montreal office is named
Site1. The site in the San Diego office is named Site2.
The forest contains four domain controllers. The domain controllers are configured as shown
in the following table.

DC1, DC2, and DC3 are writable domain controllers. R0DC1 is read-only domain controller
(RODC). All DNS zones are Active Directory-integrated. All zones replicate to all of the
domain controllers.
All of the computers in the San Diego office are configured to use RODC1 as their only DNS server.
The northwindtraders.com domain contains a Group Policy object (GPO) named GPO1.
GP01 is applied to all of the users in the Montreal office.
All of the user accounts for the Montreal users are in the northwindtraders.com domain. All
of the user accounts for the San Diego users are in the west.northwindtraders.com domain.
Network Environment
Site1 contains the member servers in the northwindtraders.com domain shown in the
following table.

Server1 connects to SAN storage that supports Offloaded Data Transfer (ODX). All virtual
hard disks (VHDs) are stored on the SAN.
A web application named App1 is installed on Servers.
Server3 has a shared folder that contains sales reports. The sales reports are read frequently
by the users in both offices. The reports are generated automatically once per week by an
enterprise resource planning (ERP) system.

A perimeter network in the Montreal office contains two standalone servers. The servers are
configured as shown in the following table.

The servers in the perimeter network are accessible from the Internet by using a domain name
suffix of public.northwindtraders.com.
Each administrator has a management computer that runs Windows 8.1.
Requirements
Planned Changes
Northwind Traders plans to implement the following changes:
On Server1, create four virtual machines that run Windows Server 2012 R2. The servers will
be configured as shown in the following table.

• Configure IP routing between Site1 and the network services that Northwind Traders
hosts in Windows Azure.
• Place a domain controller for the northwindtraders.com domain in Windows Azure.
• Upgrade all of the computers in the Montreal office to Windows 8.1.
• Purchase a subscription to Microsoft Office 365.
• Configure a web application proxy on Server6.
• Configure integration between VMM and IPAM.
• Apply GPO1 to all of the San Diego users.
• Connect Site1 to Windows Azure.
Technical Requirements
Northwind Traders must meet the following technical requirements:
• All virtual machines must use ODX.
• Users must be able to access App1 from the Internet.
• GPO1 must not be applied to computers that run Windows 8.1.
• All DNS zones must replicate only to DC1, DC2, and DC3.
• All computers must be able to resolve names by using a local DNS server.
• If a WAN link fails, users must be able to access all of the sales reports.
• The credentials for accessing Windows Azure must be permanently stored.
• The on-premises network must be connected to Windows Azure by using Server4.
• The administrators must be able to manage Windows Azure by using Windows
PowerShell.

• The number of servers and services deployed in the San Diego office must be
minimized.
• Active Directory queries for the objects in the forest must not generate WAN traffic,
whenever possible.
Security Requirements
Northwind Traders identifies the following security requirements:
• Ensure that all DNS zone data is encrypted when it is replicated.
• Minimize the number of permissions assigned to users and
administrators, whenever possible. Prevent an Active Directory Domain
Services (AD DS) attribute named SSNumber from replicating to Site2.
• Ensure that users can use their northwindtraders.com user account to
access the resources hosted in Office 365.
• Prevent administrators from being required to re-enter their credentials
when they manage Windows Azure from approved management computers.
###EndCaseStudy###

You need to recommend a solution for the sales reports.
What should you include in the recommendation?

###BeginCaseStudy###
Case Study: 4
Northwind Traders
Overview
Northwind Traders is a retail company.
The company has offices in Montreal and San Diego. The office in Montreal has 1,000 client
computers. The office in San Diego has 100 computers. The computers in the San Diego
office are often replaced. The offices connect to each other by using a slow WAN link. Each
office connects directly to the Internet.
Existing Environment
Active Directory Environment

The network contains an Active Directory forest named northwindtraders.com. The forest
contains two domains named northwindtraders.com and west.northwindtraders.com. All
servers run Windows Server 2012 R2.
All client computers run Windows 7.
Each office is configured as an Active Directory site. The site in the Montreal office is named
Site1. The site in the San Diego office is named Site2.
The forest contains four domain controllers. The domain controllers are configured as shown
in the following table.

DC1, DC2, and DC3 are writable domain controllers. R0DC1 is read-only domain controller
(RODC). All DNS zones are Active Directory-integrated. All zones replicate to all of the
domain controllers.
All of the computers in the San Diego office are configured to use RODC1 as their only DNS server.
The northwindtraders.com domain contains a Group Policy object (GPO) named GPO1.
GP01 is applied to all of the users in the Montreal office.
All of the user accounts for the Montreal users are in the northwindtraders.com domain. All
of the user accounts for the San Diego users are in the west.northwindtraders.com domain.
Network Environment
Site1 contains the member servers in the northwindtraders.com domain shown in the
following table.

Server1 connects to SAN storage that supports Offloaded Data Transfer (ODX). All virtual
hard disks (VHDs) are stored on the SAN.
A web application named App1 is installed on Servers.
Server3 has a shared folder that contains sales reports. The sales reports are read frequently
by the users in both offices. The reports are generated automatically once per week by an
enterprise resource planning (ERP) system.

A perimeter network in the Montreal office contains two standalone servers. The servers are
configured as shown in the following table.

The servers in the perimeter network are accessible from the Internet by using a domain name
suffix of public.northwindtraders.com.
Each administrator has a management computer that runs Windows 8.1.
Requirements
Planned Changes
Northwind Traders plans to implement the following changes:
On Server1, create four virtual machines that run Windows Server 2012 R2. The servers will
be configured as shown in the following table.

• Configure IP routing between Site1 and the network services that Northwind Traders
hosts in Windows Azure.
• Place a domain controller for the northwindtraders.com domain in Windows Azure.
• Upgrade all of the computers in the Montreal office to Windows 8.1.
• Purchase a subscription to Microsoft Office 365.
• Configure a web application proxy on Server6.
• Configure integration between VMM and IPAM.
• Apply GPO1 to all of the San Diego users.
• Connect Site1 to Windows Azure.
Technical Requirements
Northwind Traders must meet the following technical requirements:
• All virtual machines must use ODX.
• Users must be able to access App1 from the Internet.
• GPO1 must not be applied to computers that run Windows 8.1.
• All DNS zones must replicate only to DC1, DC2, and DC3.
• All computers must be able to resolve names by using a local DNS server.
• If a WAN link fails, users must be able to access all of the sales reports.
• The credentials for accessing Windows Azure must be permanently stored.
• The on-premises network must be connected to Windows Azure by using Server4.
• The administrators must be able to manage Windows Azure by using Windows
PowerShell.

• The number of servers and services deployed in the San Diego office must be
minimized.
• Active Directory queries for the objects in the forest must not generate WAN traffic,
whenever possible.
Security Requirements
Northwind Traders identifies the following security requirements:
• Ensure that all DNS zone data is encrypted when it is replicated.
• Minimize the number of permissions assigned to users and
administrators, whenever possible. Prevent an Active Directory Domain
Services (AD DS) attribute named SSNumber from replicating to Site2.
• Ensure that users can use their northwindtraders.com user account to
access the resources hosted in Office 365.
• Prevent administrators from being required to re-enter their credentials
when they manage Windows Azure from approved management computers.
###EndCaseStudy###

You need to recommend a solution for the sales reports.
What should you include in the recommendation?

A.
BranchCache in distributed cache mode

B.
Offline files

C.
BranchCache in hosted cache mode

D.
Distributed File System (DFS)



Leave a Reply 12

Your email address will not be published. Required fields are marked *


768kb

768kb

Isn’t it better to use DFS here? If the WAN link fails after new reports were published, these reports are not available to the branch users if they were not accessed by someone before and so cached by any client.

Wojtek

Wojtek

from Business Continuity point of view the DFS is best solution because sales reports are transmitted to the SD just after creation. If the WAN fails DFS will be unable to synchronize sales reports like every other solution.
The requirement is “the number of server and services deployed in the SD office must be minimized”. There is no way to implement a file server for DFS or a host for BranchCache.
The requirement “if a WAN link fails users must be able to access all of the sales reports” disqualify Offline files option.
The only solution meets the requirement is answer A.

Hawkmoon

Hawkmoon

I disagree as Branchcache is not resilient to WAN outage therefore is must be DFS using DFS-R to fulfil the user access to all sales reports. BranchCache only has the data that has been used by clients at the location (or data that has been pre-cached) but can only be accessed providing the primary server can be contacted, which means the branch can’t be disconnected from the primary location.

jimilives

jimilives

This is a tough one…. I don’t believe DFS is the answer because Site 2 has a RODC. DFS will revert any local changes to a DFS share back to what the parent site (i.e. Site 1) says it should be. See this link:

http://blogs.technet.com/b/filecab/archive/2008/02/04/how-does-dfsr-function-on-read-only-domain-controllers.aspx

I believe the true answer to be C: Branch Cache in Hosted Cache mode. Because Site 2 (San Diego) has 100 users. Distributed Cache Mode is only recommended for 50 and fewer users.

I can find no documentation that says Branchcache will not work with a Read-Only Domain Controllers. Branchcache is not affected by the SYSVOL replication issue because it uses BITS.

C: Branchcache – Hosted Cache Mode – Final answer

puck

puck

But the sales report is just a report. It is generated and then read, not modified.

Users need only read teh report. DFSR will work here.

OSA

OSA

Answer is (DFS).
The requirement is : “If a WAN link fails, users must be able to access ALL of the sales reports”
Branchcache (hosted or distributed) does not work when content server is not reachable (link down).
http://windowsitpro.com/windows-server/dfs-r-vs-branchcache-branch-offices

Because “The computers in the San Diego office are often replaced” Offline caching will not make the reports available all the time if WAN link goes down.

The only option left is DFS. the argument against DFS does not stand.
The article referred to by Jimilives states the following:
“behavior is limited only to the SYSVOL replicated folder on RODCs and does not apply to regular non-SYSVOL replicated folders”.

David

David

IMO both A and D should work.
A -> more administrative work.

D -> only option is to install DFS on a RODC (the only server in Site2).
but there is a catch. DFS replication is only 1 way on a RODC and if any file created locally will be deleted by DFS and not replicate outbound. but new changes will come inbound to RODC.
but since these are just sales reports and normally they are read only reports and no editing is required so this may work.
https://blogs.technet.microsoft.com/filecab/2008/02/04/how-does-dfsr-function-on-read-only-domain-controllers/

I guess I favour option D – DFS replication as this may solve the issue.

David

David

Also another point in favour of option D.

Distributed Mode can be used when you have fewer than 50 client systems at the branch office. In this case, there is no BranchCache server. Instead, the BranchCache enabled client machines cache content on their local hard drives.

http://www.windowsnetworking.com/articles-tutorials/windows-7/Introduction-BranchCache-Part1.html

where as the case study indicated that
The office in San Diego has 100 computers. The computers in the San Diego
office are often replaced.

David

David

I take option A Back. Cannot be A.

BranchCache is a very different technology. BranchCache works by having one user from a branch download the content from the server hosting the content. The content is BranchCache enabled, which means hash values are created for chunks of the data. When a second user downloads the same content, the user is sent the hash values that represent the data; that user acquires the actual data locally from the first user by sending out the hash values and in response receives the data. The user that wants to access the data needs to be able to communicate with the server hosting the data to get the hash values before BranchCache can be used. If the primary server is unavailable (e.g., if the link between the branch and the data center is down), then a user won’t be able to obtain the data, even if it were available locally via BranchCache.

http://windowsitpro.com/windows-server/dfs-r-vs-branchcache-branch-offices

so final answer is D.

Google

Google

Just beneath, are a lot of entirely not connected web-sites to ours, on the other hand, they are certainly worth going over.

Jalal Srour

Jalal Srour

B. Offline files
the correct
because
BranchCache is the solution, as access to cached data always requires access to source files in the original location. Without access to the files in the original location, such as a WAN connection failure, the cached data can not be used.

Mohamed Abdu

Mohamed Abdu

A is correct
RODC without proper PRP planning and while link disconnection users can not access it